Facebook warns 90 million users about attack – Tecnoblog

As promised, Facebook is notifying 90 million users of an invasion of social networking systems. The notice appears at the top of the news feed, above the “Create publication” field, with a link to explain why they were disconnected.

Facebook warns 90 million users about attack Tecnoblog

The notice in the news feed is very generic: “Your privacy and security are important to us. We want to report on a recent action that we had to take to protect your account. ”

The link goes into more detail. “To protect your security, we may have recently signed you out of your Facebook account,” says the support article.

1613536461 838 Facebook warns 90 million users about attack Tecnoblog

Facebook had to log off 50 million users because hackers stole access tokens, digital keys that could be used to control other people’s accounts. Another 40 million were disconnected just in case.

“By disconnecting people, we prevent them from using tokens to access these accounts,” explains the company. If more people are affected, they will also be disconnected and alerted to the problem.

The support article does not mention that the vulnerability was in the “See how” feature, which shows how your profile is displayed to others. It has been temporarily disabled while undergoing a security review:

1613536461 199 Facebook warns 90 million users about attack Tecnoblog

Facebook does not say if there was a data leak

The hacking was discovered on September 25, and Facebook does not confirm whether there was a data leak: “we still don’t know if anyone’s information has been accessed.” The social network informed the competent authorities and continues the investigations.

Facebook says that “there is no need to change the password”, because only access tokens have been affected.

If you have been disconnected, you need to log in again. However, several people have been reporting problems: the password is not recognized, the code for two-factor authentication gives an error (or never arrives), or there is no way to publish posts.

https://twitter.com/sniffmypiss/status/1045784763368439808

Leave a Comment