Facebook announced tonight that up to 50 million accounts were breached in a security flaw exploited by hackers.The large social network said it learned this week of the attack that allowed hackers to steal “access tokens,” the equivalent of digital keys that enable them to access their accounts.
“It’s clear that attackers exploited a vulnerability in Facebook’s code,” Vice President of product management Guy Rosen said in a blog post.”We’ve fixed the vulnerability and informed law enforcement.” he added.
“We don’t know if any accounts were actually misused,this is a serious issue.” Mark Zuckerberg said.
As a precaution, Facebook is temporarily taking down the “view as” feature – described as a privacy tool to let user see how their own profiles would look to other people.
“We face constant attacks from people who want to take over accounts or steal information around the world,” Zuckerberg said on his Facebook page.
Facebook said it took an additional “precautionary step” of resetting access tokens for another 40 million accounts where the vulnerable feature was used. This will require those users to log back in to Facebook.