Facebook yet again has encountered a cybersecurity attack. On 28th September, Friday afternoon, the social media giant made an announcement saying that its engineering team has discovered a security issue. The only relief is that it has been fixed and the law enforcement has been informed about it.
So here is what happened. Hackers were able to steal Facebook access tokens through the” view as” a feature that lets people see how their profile looks to someone else. Hackers were able to take over the accounts of other people through this technique.
Access tokens are more or less the same as digital keys. They keep people logged into Facebook without re-entering their password whenever they want to use the Facebook app.
According to Facebook, 50 million accounts were compromised. The company has reset the access tokens. Facebook said that no one needs to change their passwords. All they have to do is log back into Facebook or any other app they use as Facebook login.
90 billion of the Facebook users were suddenly logged out of their accounts by Facebook. It was the company’s subtle way of letting people know their accounts have been compromised. To be honest, this security breach is more troubling than a hack. This master key could have been used by the criminals to impersonate the victims at multiple other websites and apps that they use to sign by using their Facebook credentials. Facebook says that it has invalidated these access keys but there is still no update on what kind of damage has been done.
How serious was this attack?
Facebook has kept much of the information about this attack a mystery. They reassured that the breach did not compromise the credit card data but it has yet to determine what actually happened such as who was the target, the motive behind the attack and whether the data from the accounts was miscued.
Facebook has been in controversy for 2 years and this latest episode of hack has made users even more skeptical about this social media giant.
After the breach, Facebook has turned off its “view as” feature temporarily until it looks into the attack in detail. In a conference, the CEO of Facebook Mark Zuckerberg said they are taking the attack seriously. He didn’t hesitate in saying that they need to develop new tools continuously to prevent such attacks from happening in the first place. Although that’s very humble of him but it puts Facebook on the spotlight yet again.
Are more people going to leave Facebook?
Cybersecurity experts say that this hack was technical. It involved several layers of vulnerabilities. But surprisingly, this breach did not really alarm people as it should have. You might be thinking that more and more people should be deactivating their Facebook accounts after the attack. But results say otherwise. A survey revealed that 60 percent people have still decided to stick with Facebook. It seems like it is hard for the users to feel the effects of a security breach unless their lives are compromised by it tangibly.
We hope Facebook comes up with a more useful strategy to prevent further breaches from happening and gets down to the bottom of this attack soon.