Facebook says 50M user accounts exposed in breach

Facebook, a social media powerhouse, has just announced that their engineering team has discovered that information on 50 million accounts has been compromised.

The attackers, who were not identified were able to exploit a vulnerability with the “View As” feature which allows users to see their Facebook page the way someone else would. Facebook reports that this could then be used to steal Facebook access tokens which could be used to take over one’s account.

Users that were affected within the 50 million compromised or an additional 40 million accounts that have been subject to a “View As” lookup over the last year were prompted to log back in to their Facebook account and any apps that were utilizing the Facebook login system like Facebook Messenger or Waze.

Facebook’s investigation is in the early stages, but they have resolved the security vulnerability and have disabled the “View As” function until a full review can be completed.  In addition, according to their statement “there’s no need for anyone to change their passwords.”

IntermixIT has created a guide to help you see where your account is logged in at and how you can log off your sessions.  You can view that guide here.  Although this breach is currently low-risk, and Facebook states there is no need to change your password, it is our recommendation that you take a minute and update your password simply as a precaution as Facebook further investigates.

For our clients if you have any questions or concerns please submit a ticket and our Support Team will get back to you as soon as possible.  If you are not currently a client with IntermixIT and would like to learn more about the IntermixIT CompleteIT, schedule a free network assessment here.

Source: https://newsroom.fb.com/news/2018/09/security-update/