All you need to know about the Facebook data breach affecting 50M users – TechCrunch




Facebook is cleaning up after a major security incident exposed the account data of millions of users. In a year that has already been tough after the Cambridge Analytica scandal, the company is struggling to regain the trust of its users after another security incident.

Here is everything you need to know so far.

What happened?

Facebook says that at least 50 million users' data was confirmed to be at risk after hackers exploited a vulnerability that allowed them to access personal data. The company has also secured 40 million additional accounts as a precautionary measure.

What data were the hackers after?

Facebook CEO Mark Zuckerberg said the company had not yet seen any accounts compromised and improperly accessed, although it is early days and that could change. But Zuckerberg said the attackers were using Facebook developer APIs to obtain information, such as "name, sex, and hometowns", linked to a user's profile page.

What data was not taken?

Facebook said it was unlikely that private messages were accessed. No credit card information was taken in the breach, Facebook said. Again, this may change as the company's investigation continues.

What is an access token? Do I have to change my password?

When you enter your username and password on most sites and applications, including Facebook, your browser or device is assigned an access token. This keeps you logged in, without your having to enter your credentials every time. But the token does not store your password, so there is no need to change your password.

Is this why Facebook logged me out of my account?

Yes, Facebook says that it reset the access tokens of all affected users. This means that some 90 million users will have been logged out of their account, whether on their phone or computer. This also includes users on Facebook Messenger.

When did this attack take place?

The vulnerability was introduced on the site in July 2017, but Facebook did not know about it until this month, on September 16, 2018, when it detected an unusual spike in activity. This means that the hackers could have had access to user data for a long time, because Facebook is not sure when the attack began.

Who would do that?

Facebook does not know who attacked the site, but the FBI is investigating, it says.

However, in the past, Facebook has found evidence of Russia's attempts to meddle in American democracy and influence our elections – but that does not mean that Russia is behind this new attack. Attribution is incredibly difficult and requires a lot of time and effort. It took more than two years for the FBI to confirm that North Korea was behind the Sony hack in 2016 – so we could be in for a long wait.

How did the attackers get in?

Not one, but three bugs led to data exposure.

In July 2017, Facebook inadvertently introduced three vulnerabilities into its video downloader, said Guy Rosen, Facebook's vice president of product management, on a call with reporters. When you use the "View As" feature to view your profile as another person, the video downloader sometimes appears when it should not be displayed at all. When it did appear, it generated an access token for the person the profile page was being viewed as. If this token was obtained, an attacker could log in to the other person's account.
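A simplified model of the token behaviour described above and in the access-token answer, added here as an illustration and not Facebook's code: it shows a token being bound to the person a profile is viewed as, why resetting that person's tokens logs them out without a password change, and a hardened variant. The names `TokenStore`, `widget_token_vulnerable`, `widget_token_hardened`, `alice` and `bob` are hypothetical.

```python
import secrets

class TokenStore:
    """Toy server-side session store; constructed for illustration."""
    def __init__(self):
        self._tokens = {}  # opaque token -> user id (no password stored)

    def issue(self, user_id):
        token = secrets.token_urlsafe(32)
        self._tokens[token] = user_id
        return token

    def resolve(self, token):
        """Return the account a token logs into, or None if revoked."""
        return self._tokens.get(token)

    def reset_user(self, user_id):
        """Revoke every token for one user; returns how many were dropped."""
        stale = [t for t, u in self._tokens.items() if u == user_id]
        for t in stale:
            del self._tokens[t]
        return len(stale)

def widget_token_vulnerable(store, session_user, view_as=None):
    # Flawed: identity is taken from the preview context, so the token
    # belongs to the person the profile is being viewed as.
    return store.issue(view_as or session_user)

def widget_token_hardened(store, session_user, view_as=None):
    # Preview mode is read-only: the widget gets no token at all, and
    # tokens are only ever bound to the authenticated session user.
    if view_as is not None:
        return None
    return store.issue(session_user)

def demo():
    store = TokenStore()
    bob_phone = store.issue("bob")       # Bob's own, legitimate login
    leaked = widget_token_vulnerable(store, "alice", view_as="bob")
    before = store.resolve(leaked)       # token acts as Bob, not Alice
    dropped = store.reset_user("bob")    # the token reset described here
    return {
        "leaked_acts_as": before,
        "tokens_dropped": dropped,
        "leaked_after_reset": store.resolve(leaked),
        "bob_phone_after_reset": store.resolve(bob_phone),
        "hardened_preview": widget_token_hardened(store, "alice", view_as="bob"),
        "hardened_owner": store.resolve(widget_token_hardened(store, "alice")),
    }
```

The reset invalidates Bob's legitimate session along with the leaked token, which is why affected users were logged out on every device.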

Is the problem solved?

Facebook says it fixed the vulnerability on September 27, and then began to reset people's access tokens to protect the security of their accounts.

Has this affected WhatsApp and Instagram accounts?

Facebook said it was not yet sure whether Instagram accounts were affected, but that they were automatically secured once the Facebook access tokens were revoked. Affected Instagram users will need to unlink and relink their Facebook accounts to Instagram in order to post to Facebook.

On a call with reporters, Facebook said that there was no impact on WhatsApp users.

Will Facebook be fined or sanctioned?

If Facebook is found to have breached European data protection rules, the new General Data Protection Regulation (GDPR), the company may incur fines of up to four percent of its overall revenues.

However, this fine cannot be imposed until Facebook knows more about the nature of the breach and the risks to users.

Another data breach of this magnitude – particularly in the wake of the Cambridge Analytica scandal and other data leaks – has prompted some members of Congress to call for regulation of the social network. Senator Mark Warner (D-VA) sent a stern reprimand to Facebook about today's news, and again pushed his proposal to regulate companies holding large data sets.

FTC Commissioner Rohit Chopra also tweeted "I want answers" about the Facebook hack. It is reasonable to assume that there may be investigations in the United States and Europe to determine what happened.

Can I check if my account has been improperly accessed?

You can. Once you're signed in to your Facebook account, you can go to your account's login and security page, where you can see where you've signed in and the devices with which you logged back in.

Do I have to delete my Facebook account?

That's up to you! But you may want to take some precautions, such as changing your password and enabling two-factor authentication, if you have not already done so. If you were not affected by this, you can take the time to delete some of the personal information you have shared on Facebook to reduce the risk of exposure in future attacks, if any.