A security flaw enabled the accounts of 50 million Facebook users to be taken over, the company has admitted in a statement today.
Discovered on Tuesday 25 September, Facebook claimed in a statement today that the flaw has now been fixed. The attackers took advantage of a security flaw in Facebook's ‘View as' feature, which enables people to view their own accounts as other people see them. Access tokens - digital keys - could then be taken, enabling attackers to takeover the accounts.
In the statement, Guy Rosen, vice president of product management, said that the company had taken a number of steps to fix the problem. "First, we've fixed the vulnerability and informed law enforcement.
"Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. We're also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a "View As" look-up in the last year.
"As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.
"Third, we're temporarily turning off the ‘View As' feature while we conduct a thorough security review."
Rosen added that the security flaw stemmed from a "complex interaction of multiple issues" in the app's code, and went back to some changes introduced to Facebook's video uploading feature in July 2017.
However, it's unclear what use the attackers may have made of the compromised accounts. "We have yet to determine whether these accounts were misused or any information accessed. We also don't know who's behind these attacks or where they're based," added Rosen.
The admission comes just days after the company admitted that it had used mobile phone telephone numbers provided for two-factor authentication to surveil those users when they used the internet and to target them with adverts.
It has also sought other ways with which to connect people's identities and their real-world phone numbers in order to track them online.
Four glaciers located west of massive Totten glacier have lost almost three metres of ice in height since 2008
Ceres, located in the asteroid belt, has a carbonaceous-rich upper crust, SwRI study claims
The spacecraft found traces of hydrogen and oxygen molecules, known as hydroxyls, embedded in the rocky surface of the asteroid
The skeleton was unearthed more than 20 years ago in South Africa