50 million compromised Facebook accounts in the latest attack

Facebook announced that it had discovered a new security vulnerability that allowed hackers to take control of 50 million user accounts. The company is still in the early stages of investigating this latest security breach and has announced that the police have been informed.

"In the afternoon of Tuesday, September 25, our engineering team discovered a security problem affecting nearly 50 million accounts," the company said in a statement. "We take this very seriously and want to let everyone know what has happened and the immediate steps we have taken to protect people's safety."

The flaw comes from the way the access tokens are processed. Access tokens are digital keys that allow users to stay connected to their Facebook accounts without having to re-enter their passwords each time. However, because of the way Facebook's code handles the "View As" feature, the company said hackers had unduly taken over people's accounts. The View As feature allows Facebook users to view their profile as if they were browsing the network as another person.

Facebook said the bug had been fixed and, to be careful, had reset the access tokens of 50 million user accounts. In addition, it also resets the access tokens of another Facebook account of 40 million people who accessed the View feature as of last year. A total of 90 million people have been forcibly disconnected from their Facebook accounts as a precaution, the company said.

When users reconnect, they receive a notification in their news feed with details about the attack. Facebook said it temporarily disabled the View feature as it investigated this incident.

"As we have just started our investigation, we still need to determine if these accounts were misused or if information was accessed," the company said. "We do not know who is behind these attacks or where they are based. We work hard to better understand these details. "

This is the latest security scandal to hit Facebook. The company was also involved in the Cambridge Analytica data scandal in early 2018. In this incident, data from nearly 90 million users were affected.