Facebook just announced that on September 25 some 50 million accounts on its platform were compromised. An attacker on Facebook’s computer network stole the data of 50 million people.
After this attack, Facebook’s vice president said, “Facebook’s engineering team found the anomaly on September 25 that affected around 50 million accounts and that investigation is in early stages.” He also added, “Hackers used Facebook’s ‘View As’ feature to steal Facebook access tokens, which could be used to take over the accounts of others. It's not yet clear who was behind the attack.” After this attack, Facebook removed the ‘View As’ feature.
What is the ‘View As’ feature?
It is a Facebook feature that appears when you edit your account details or profile picture. It lets you view your profile as someone else, or the public, would see it.
What are the access tokens behind this attack?
Access tokens, also known as digital keys, are at the root of this attack. These keys keep users logged in to Facebook so they don’t have to enter their password every time they want to log in.
After this attack, Facebook has taken the following steps:
-Fixed the issue and informed law enforcement.
-Reset the access tokens of the 50 million accounts that were hacked, and is additionally resetting tokens for another 40 million accounts that used the “View As” feature in the last year.
-Temporarily removed the “View As” feature from Facebook.
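The token reset in the steps above, sketched as an added example (not Facebook's code and not part of the original post): an access token is a bearer credential, so revoking it server-side logs the holder out and makes any stolen copy useless. `TokenStore`, `accounts_to_reset`, the account names and the dates are hypothetical.

```python
import hashlib
import secrets
from datetime import datetime, timedelta

class TokenStore:
    """Server-side record of issued access tokens (only their hashes are kept)."""

    def __init__(self):
        self._by_hash = {}  # sha256(token) -> account id

    @staticmethod
    def _h(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, account):
        token = secrets.token_urlsafe(32)  # bearer credential: possession = logged in
        self._by_hash[self._h(token)] = account
        return token

    def account_for(self, token):
        """Return the account a token logs in, or None if unknown or revoked."""
        return self._by_hash.get(self._h(token))

    def revoke_accounts(self, accounts):
        """Drop every token of the given accounts; return how many were revoked."""
        doomed = [h for h, a in self._by_hash.items() if a in accounts]
        for h in doomed:
            del self._by_hash[h]
        return len(doomed)

def accounts_to_reset(known_affected, view_as_log, now, window=timedelta(days=365)):
    """Known-affected accounts plus anyone who used "View As" inside the window."""
    recent = {acct for acct, when in view_as_log if now - when <= window}
    return set(known_affected) | recent

# Constructed sample data (not from the incident).
NOW = datetime(2018, 9, 28)
VIEW_AS_LOG = [
    ("bob", datetime(2018, 3, 1)),    # within the last year: precautionary reset
    ("carol", datetime(2016, 5, 1)),  # older than a year: left alone
]

def demo():
    store = TokenStore()
    tokens = {name: store.issue(name) for name in ("alice", "bob", "carol")}
    reset = accounts_to_reset({"alice"}, VIEW_AS_LOG, NOW)
    revoked = store.revoke_accounts(reset)
    still_valid = sorted(n for n, t in tokens.items() if store.account_for(t) == n)
    return sorted(reset), revoked, still_valid
```

After a reset, the affected users have to log in again with their password to obtain a fresh token; the password itself is unchanged.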