search on deccanchronicle.com
World, America

Up to 50 million accounts breached by hackers, says social media giant Facebook

AFP
Published Sep 29, 2018, 8:53 am IST
Updated Sep 29, 2018, 8:53 am IST
Facebook reset the 50 million breached accounts, meaning users will need to sign back in using passwords.
Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night. (Photo: Pixabay)
 Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night. (Photo: Pixabay)

Washington: Facebook revealed on Friday that up to 50 million accounts were breached by hackers, dealing a blow to the social network's effort to convince users to trust it with their data.

The social network is investigating the extent of harm done when hackers exploited a trio of software flaws to steal "access tokens," th

 

e equivalent of digital keys that enable people to automatically log back into the social network.

Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night.

"We don't know if any accounts were actually misused," Zuckerberg said. "This is a serious issue."

As a precaution, Facebook is temporarily taking down the "view as" feature -- described as a privacy tool to let users see how their profiles look to other people.

"It's clear that attackers exploited a vulnerability in Facebook's code," said vice president of product management Guy Rosen.

"We've fixed the vulnerability and informed law enforcement."

Facebook reset the 50 million breached accounts, meaning users will need to sign back in using passwords.

Also Read: With most users in India, FB worried over security breach of 50 mn accounts

Democratic US Senator Mark Warner cited the breach as further proof of the privacy danger of companies such as Facebook and Equifax not adequately protecting the massive amounts of information they gather about people.

"This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users," Warner said in a statement.

"As I've said before -- the era of the Wild West in social media is over."

The breach is the latest privacy embarrassment for Facebook, which earlier this year acknowledged that tens of millions of users had personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

"We face constant attacks from people who want to take over accounts or steal information around the world," Zuckerberg said on his Facebook page.

"While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place."

Facebook said it took a precautionary step of resetting "access tokens" for another 40 million accounts where the "view as" was used. This will require those users to log back in to Facebook.

"People's privacy and security is incredibly important , and we're sorry this happened," Rosen said.

Sophisticated hack

No passwords were taken in the breach, only "tokens," according to Rosen.

Information hackers appeared interested in included names, genders, and home towns, but it was not clear for what purposes, the executives said in a telephone briefing.

The stolen tokens gave hackers complete control of accounts. Facebook is trying to determine whether hackers tampered with posts or messages.

Hackers could have also gotten into third-party applications linked to Facebook accounts, but it was too early to determine whether that happened, according to the social network.

Attackers would have been able to meddle with Instagram accounts lined to Facebook, but could not have tampered with the social network's WhatsApp messaging service, according to executives.

Facebook said that it noticed an unusual spike in activity on September 16 and determined nine days later that it was malicious.

Hackers took advantage of a "complex interaction" between three software bugs, which required a degree of sophistication, according to Rosen. The vulnerability was created by a change to a video uploading feature in July of 2017.

"We may never know who is behind this," Rosen said. "This is not an easy investigation."

The 50 million figure was the total number of accounts Facebook determined were breached by the attack since July of last year, but the social network did not disclose the earliest incursion.

Facebook is working with data privacy regulators as well as law enforcement, according to Rosen.

Facebook this year is doubling to 20,000 the number of workers devoted to safety and security.

When asked why people should still trust Facebook with their personal information, Zuckerberg outlined anew ways the social network is ramping up defenses.

"As I've said a number of times, security is an arms race," Zuckerberg said.

But Facebook may have deeper problems, said Jonathan Zittrain, a Harvard law professor and co-founder of university's Berkman Klein Center for Internet & Society.

"There is a structural problem here," Zittrain said in a tweet.

"Facebook has one of the best and most well-resourced cybersecurity outfits in the world, yet a breach of its servers appears to have compromised tens of millions of accounts in still-undisclosed ways."

Tags: facebook, facebook security breach, facebook account hacked, mark zuckerberg
Location: United States, District of Columbia, Washington


Related Stories

With most users in India, FB worried over security breach of 50 mn accounts


ADVERTISEMENT

MOST POPULAR

 

Facebook says hackers could access some apps

A feature called Facebook Login allows people to use their Facebook credentials to sign into certain other apps and services.
 

Hacked: Facebook confirms 50M user accounts affected by security breach

In a call with reporters on Friday, CEO Mark Zuckerberg said that attackers would have had the ability to view private messages or post on someone’s account, but there’s no sign that they did.
 

World Heart Day: Proactive health strategies can counter cardiovascular disease risk

A Global Burden of Disease study published by WHO in 2016, says 22 per cent of lives lost among those between 15 and 49 years is because of cardiovascular diseases. (Photo: Pixabay)
 

Nana Patekar reacts to Tanushree Dutta’s sexual assault allegations, then does this

Tanushree Dutta had claimed that everyone in the industry was aware of Nana Patekar’s misbehaviour with many women.
 

Microplastics found in freshwater insects raise concerns about plastic pollution

The first of its kind study was conducted with mayfly and caddis larvae (Photo: AFP)
 

Daily dose of vitamin D supplements can help children lose weight: study

Lack of the sunshine vitamin can also lead to weak bones and lack of immunity (Photo: AFP)
ADVERTISEMENT
ADVERTISEMENT

More From America

US President Donald Trump supports embattled court nominee after hearing

Democrats shot back that the 53-year-old Kavanaugh was aggressive and partisan in his testimony.

Democrats walk out after Senate committee sets vote on Brett Kavanaugh

Republicans have blocked Democratic efforts to subpoena a high school friend of Supreme Court nominee Brett Kavanaugh who's been described as witness to alleged assault involving Kavanaugh about 30 years ago. (Photo: File | AFP)

US seeks to continue N Korea sanctions despite progress, Russia, China oppose

Chairing a special session of the UN Security Council, Pompeo said President Donald Trump's diplomatic breakthrough with North Korean leader Kim Jong Un has led to a point where the nuclear threat from the country can be resolved. (Photo: File | AP)

Canada revokes Aung San Suu Kyi's honorary citizenship over Rohingya crisis

Suu Kyi's democratically-elected government remains in a delicate power balance with the generals, whose presence in parliament gives them an effective veto on constitutional changes. (Photo: File)

Kavanaugh showed why I nominated him: Trump backs SC pick after hearing

In a passionate defense, the 53-year-old conservative judge insisted before the Senate Judiciary Committee that it never happened, accused Democrats of destroying his reputation and condemned his confirmation battle as a 'national disgrace' and a 'circus'. (Photo: AFP)
ADVERTISEMENT
ADVERTISEMENT
Home Asian Age Andhrabhoomi Financial Chronicle About Us Contact Us Classifieds Book Classifieds Feedback Careers E-Paper Privacy Policy

Copyright © 2015 - 2018 Deccan Chronicle.

Designed, Developed & Maintained By Daksham