dearJulius.com Write For Us

If Facebook logged you out, your account was likely accessed

SHARE:

© Provided by Dow Jones & Company, Inc.   Facebook users who are forced to log in to the service with their passwords likely had their data accessed in a recent breach.

By Jeremy C. Owens, MarketWatch

Unknown attackers accessed 50 million Facebook accounts this month, and executives said Friday that any potentially compromised accounts had been logged out of the service as an investigation continued.

In a blog post, Facebook executive Guy Rosen said that the social network’s “view as” feature, which lets users see their profile page as a specific user would, allowed access to that other account’s “token,” or identification. The hackers found that a video uploader coughed up a friend’s token within a “Happy Birthday” option that was not supposed to be active in “view as” mode, and then would use the trick against more friends of the accounts they accessed.

“These access tokens enabled someone to use the account as if they were ... the account holder themselves,” Rosen said in the second of two conference calls Facebook held with the media about the breach on Friday. “This does mean they could have accessed other third-party apps that were using Facebook Login.”

Facebook actually logged off 90 million users Friday, executives said: The 50 million affected accounts and another 40 million that had used the ”view as” feature since a July 2017 update caused the security hole. Users who were logged out were promised notifications with more information at the top of their pages when they regained control of their account.

On the morning conference call, Facebook assured the media that credit-card numbers could not have been accessed, but repeatedly stressed that it was early in the investigation when questioned about other parts of a user’s accounts, such as private messages. Facebook began investigating on Sept. 16, after noticing unusual account activity, and discovered the vulnerability on Tuesday. By Thursday evening, they had patched it and begun forcing users out to require a password for entry.

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed,” Rosen wrote in the blog post. “We also don’t know who’s behind these attacks or where they’re based.”

Facebook said the vulnerability is fixed, law enforcement has been notified and the breach has been disclosed to the Irish Data Protection Commission to satisfy a GDPR requirement to notify within 72 hours. The company will turn off the “view as” feature temporarily.

“While I’m glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place,” Chief Executive Mark Zuckerberg said in a post on his Facebook account, which was reportedly one of the 50 million affected.

Facebook’s stock (FB) took a hit directly after the breach was announced, and closed down 2.6% on the day. Shares have declined 6.8% so far this year amid other data scares, such as the Cambridge Analytica scandal, and the increasing costs Facebook is facing to confront its issues. The S&P 500 index (SPX) has gained 9% in 2018.

The breach is likely to increase pressure on Facebook, which has already faced blowback from politicians for earlier privacy issues. U.S. Sen. Mark Warner, a Virginia Democrat, called the breach “deeply concerning” in an email statement Friday.

“Today’s disclosure is a reminder about the dangers posed when a small number of companies like Facebook or the credit bureau Equifax (EFX) are able to accumulate so much personal data about individual Americans without adequate security measures,” he wrote. “This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users.”

COMMENTS



Note: If you think this story need more information or correction, feel free to comment below your opinion and reaction.
Like & Follow to Stay Updated ...

Name

AI,3,Amazon,1,Apple,5,Emoji,1,Facebook,17,Games,35,Google,7,Instagram,6,Science,205,Security,4,Social Media,24,Tech,242,Technology,1080,Tesla,5,Twitter,4,
ltr
item
Technology - U.S. Daily News: If Facebook logged you out, your account was likely accessed
If Facebook logged you out, your account was likely accessed
https://3.bp.blogspot.com/-nV8Y9TIJ4TQ/W6-tNhDGi7I/AAAAAAAAcwA/HLJJh8sDPXoOcWy1V-Johq-Jsqvv7ufegCLcBGAs/s1600/1.jpg
https://3.bp.blogspot.com/-nV8Y9TIJ4TQ/W6-tNhDGi7I/AAAAAAAAcwA/HLJJh8sDPXoOcWy1V-Johq-Jsqvv7ufegCLcBGAs/s72-c/1.jpg
Technology - U.S. Daily News
https://tech.dailynews.us.com/2018/09/if-facebook-logged-you-out-your-account.html
https://tech.dailynews.us.com/
https://tech.dailynews.us.com/
https://tech.dailynews.us.com/2018/09/if-facebook-logged-you-out-your-account.html
true
4191228214535516123
UTF-8
Loaded All Posts Not found any posts VIEW ALL Read More Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy