In what might seem as consistent issues for Facebook, yet another incident involving their user's private information has occurred.
This time around it is a whopping fifty-million people who had their information exposed after an attack on the network.
The way the attacked operated was using the "view as" feature on the personal account pages of users. It allowed people to view their accounts as if they were not the owners, which was great if you wanted to see how your online presence looks to your buddy. However, the security breach worked by potentially allowing the attackers to gain complete control over the account. Currently, the view as feature is no longer operational as an investigation has been launched into the breach.
The actual vulnerability comes from a combination of things, one being a bug that appeared in July of 2017 when Facebook updated its video upload tools.
Attackers also stole something called an access token. It's basically something that keeps you logged in for very long periods of time. Now, Facebook did in fact, reset all the 50 million tokens as well as another 40 million just to be sure that people who used the view as a feature within the last year weren't affected by the breach.
According to CNN, the ninety-million users were forcibly logged out and received a notification about the issue at hand. They also don't apparently need to take any security measures as of yet. However, Facebook does not yet know if these accounts were used in a malicious manner and if any actual account information was ever accessed. It's also worth mentioning that specific targets and locations of the accounts are unknown as of yet.
Facebook has informed authorities and even lawmakers and regulators. This move was taken to just inform them of the problem. It's actually quite helpful because if it's happening to another site, it might allow the government to figure out how widespread the attack is.
Thankfully, some pretty good news is that Facebook is always fighting the war of security. It's a constant battle between those who want to steal our info and those who want to protect it. So, this is why Facebook has to investigate these issues and then improve their security in the respective sector to prevent this in the future.