Social media giant Facebook disclosed Friday that almost 50 million users’ accounts had been breached by hackers, in yet another escalating blow after the Cambridge Analytica row, AFP reported.
Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and fixed it on Thursday night.
“We don’t know if any accounts were actually misused,” Zuckerberg said. “This is a serious issue.”
The team reported that the hackers exploited ‘a trio of software flaws to steal access tokens, the equivalent of digital keys that enable people to automatically log back into the social network’, AFP reported.
As a precautionary measure, Facebook has taken down the “view as” feature, which is a privacy tool which lets users see how their profiles look to other people.
“It’s clear that attackers exploited a vulnerability in Facebook’s code,” said vice president of product management Guy Rosen. “We’ve fixed the vulnerability and informed law enforcement.”
After the update, Facebook reset the breached accounts, leading them to sign back with using passwords.
Democratic US Senator Mark Warner stated the breach as solid proof of danger of the users’ privacy with companies like Facebook and Equifax not being able to protect the data being stored.
“This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users,” Warner said in a statement. “As I’ve said before — the era of the Wild West in social media is over.”
“We face constant attacks from people who want to take over accounts or steal information around the world,” Zuckerberg said on his Facebook page. “While I’m glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place.”
Facebook said it took a precautionary step of resetting “access tokens” for another 40 million accounts where the “view as” was used. This will require those users to log back in to Facebook.
“People’s privacy and security is incredibly important , and we’re sorry this happened,” Rosen said.
Facebook has been under constant fire after it was revealed in March that Cambridge Analytica, a data firm had ties with U.S President Donald Trump’s elections campaign and reportedly accessed information from about 50 million Facebook users without their knowledge, CNN reported.
A report in the New York Times revealed that Facebook reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said.
The deals raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the US Federal Trade Commission (FTC), The Times said.