The Facebook Inc. is cleaning up after the Facebook’s data breach, a major security incident exposed the account data of it’s more than 100 million users. What’s already been a rocky year after the Cambridge Analytica scandal, the company is scrambling to regain its users trust after another security incident exposed user data.
Here’s everything you need to know so far about the Facebook’s data breach
Table of Contents
According to Facebook, at least 50 million users’ data were confirmed at risk after attackers exploited a vulnerability that allowed them access to personal data. The company also preventively secure 40 million additional accounts out of an abundance of caution.
What data were the hackers after?
The CEO of Facebook said that the company has not seen any accounts compromised and improperly accessed — although it’s early days and that may change. But Zuckerberg said that the attackers were using Facebook developer APIs to obtain some information, like “name, gender, and hometowns” that’s linked to a user’s profile page.
What data wasn’t taken?
No credit card information was accessed in the breach, and private messages wew probably not accessed, but this might change in the future.
Is this why Facebook logged me out of my account?
Yes, Facebook probably reset the access tokens of all affected users. This means that more than 90 million users will have been logged out of their account — either on their phone or computer — in the past day. This also includes users on Facebook Messenger.
When did this attack happen?
The vulnerability was introduced on the site in July 2017, but Facebook didn’t know about it until this month, on September 16, 2018, when it spotted a spike in unusual activity. That means the hackers could have had access to user data for a long time, as Facebook is not sure right now when the attack began.
Did this affect WhatsApp and Instagram accounts?
Facebook said that it’s not yet sure if Instagram accounts are affected, but were automatically secured once Facebook access tokens were revoked. Affected Instagram users will have to unlink and relink their Facebook accounts in Instagram in order to cross post to Facebook.
On a call with reporters, Facebook said there is no impact on WhatsApp users at all.
Are sites that use Facebook Login also affected?
If an attacker obtained your Facebook access token, it not only gives them access to your Facebook account as if they were you, but any other site that you’ve used Facebook to login with, like dating apps, games, or streaming services.
Can I check to see if my account was improperly accessed?
Yes you can, just visit your account’s security and login page once you log back into your Facebook account,and you’ll see where you’ve logged in. If you had your access tokens revoked and had to log in again, you should see only the devices that you logged back in with.
Is the problem fixed?
Yes, according to Facebook, it fixed the vulnerability on September 27, and then began resetting the access tokens of people to protect the security of their accounts.
Should I delete my Facebook account because of the Facebook’s data breach?
That’s up to you! But you may want to take some precautions like changing your password and turning on two-factor authentication, if you haven’t done so already. If you’re weren’t impacted by this, you may want to take the time to delete some of the personal information you’ve shared to Facebook to reduce your risk of exposure in future attacks, if they were to occur.