[ad_1]
<div _ngcontent-c15 = "" innerhtml = "
Facebook has released an update as a result of last month's violation allowing attackers to access the "View As" feature. According to the social networking giant, 30 million accounts could potentially have been accessed by hackers, instead of the 50 million originally listed.
In an update, Guy Rosen, vice president of product management for Facebook, said the company "was working day and night" to investigate the security problem discovered and corrected two weeks ago to help people to understand the information that the attackers could access.
Rosen said the firm had not ruled out the possibility of smaller attacks, on which it is continuing its investigation.
Facebook said it witnessed an "unusual increase in activity" starting on September 14, 2018. After opening an investigation, the company identified that it was in fact a matter of fact. attack on September 25th. As soon as the social network identified the vulnerability, it ended the attack and secured the accounts by resetting the access tokens for potentially exposed people and disabling the "Show as" feature.
"We are cooperating with the FBI, which is actively investigating and asking us not to discuss who might be behind this attack," said Rosen.
How did the attack happen and who was hit?
The social network said that the attackers controlled a set of accounts connected to friends on Facebook. They used an automated technique to switch from one account to another in order to steal the access tokens of these friends and those of friends, totaling about 400,000 people.
However, during the process, this technique automatically loaded the Facebook profiles of these accounts, reflecting what these 400,000 people could have seen by viewing their own page. It included posts on their timelines, lists of friends, groups they are members of and the name of recent Messenger conversations.
Facebook claims that the content of the message was not available to attackers, with one exception. If a person in this group was a page administrator whose page had received a Facebook message, the content was made available to the attackers.
The attackers used some of the 400,000-friend lists to steal access tokens from about 30 million people. Of these, 15 million people were consulted. Attackers also viewed the user name, gender, language, state of relations, religion, place of residence, current declared city, date of birth, types of devices used to access Facebook, education, work, the last 10 saved or tagged places, website, people or pages tracked, and the last 15 searches of another 14 million people.
How do I know which category I belong to?
People can check if they have been affected by visiting the Facebook Help Center. Over the next few days, the social network will send personalized messages to the 30 million people affected to explain the information that attackers could have accessed, as well as to inform people of the measures to take to protect themselves from emails, text messages, SMS suspects. or calls.
What has not been touched?
This attack did not include Messenger, Kids Messenger, Instagram, WhatsApp, Oculus, Workplace, Pages, Payments, Third Party Apps, Advertising Accounts or Developer.
What are the implications?
It took two weeks for Facebook to reveal information about this massive breach. The incident was reported quickly, but the company has been slow to inform users of the procedure. This comes after Google has admitted that Google Plus user information was potentially exposed earlier this year. While people continue to entrust their data to technology companies, security must be extremely clear. As these incidents show, there is still a lot of work to be done to protect information and react quickly when the worst happens.
KRAKOW, POLAND – 2018/08/17: The Facebook logo appears on a Huawei smartphone with the word "data breach on a laptop monitor". (Photo by Omar Marques / SOPA Images / SOPA Images / LightRocket via Getty Images)
">
Facebook has released an update as a result of last month's violation allowing attackers to access the "View As" feature. According to the social networking giant, 30 million accounts could potentially have been accessed by hackers, instead of the 50 million originally listed.
In an update, Guy Rosen, vice president of product management for Facebook, said the company "was working day and night" to investigate the security problem discovered and corrected two weeks ago to help people to understand the information that the attackers could access.
Rosen said the firm had not ruled out the possibility of smaller attacks, on which it is continuing its investigation.
Facebook said it witnessed an "unusual increase in activity" starting on September 14, 2018. After opening an investigation, the company identified that it was in fact a matter of fact. attack on September 25th. As soon as the social network identified the vulnerability, it ended the attack and secured the accounts by resetting the access tokens for potentially exposed people and disabling the "Show as" feature.
"We are cooperating with the FBI, which is actively investigating and asking us not to discuss who might be behind this attack," said Rosen.
How did the attack happen and who was hit?
The social network said that the attackers controlled a set of accounts connected to friends on Facebook. They used an automated technique to switch from one account to another in order to steal the access tokens of these friends and those of friends, totaling about 400,000 people.
However, during the process, this technique automatically loaded the Facebook profiles of these accounts, reflecting what these 400,000 people would have seen by viewing their own page. It included posts on their timelines, lists of friends, groups they are members of and the name of recent Messenger conversations.
Facebook claims that the content of the message was not available to attackers, with one exception. If a person in this group was a page administrator whose page had received a Facebook message, the content was made available to the attackers.
The attackers used some of the 400,000-friend lists to steal access tokens from about 30 million people. Of these, 15 million people were consulted. Attackers also viewed the user name, gender, language, state of relations, religion, place of residence, current declared city, date of birth, types of devices used to access Facebook, education, work, the last 10 saved or tagged places, website, people or pages tracked, and the last 15 searches of another 14 million people.
How do I know which category I belong to?
People can check if they have been affected by visiting the Facebook Help Center. Over the next few days, the social network will send personalized messages to the 30 million people affected to explain the information that attackers could have accessed, as well as to inform people of the measures to take to protect themselves from emails, text messages, SMS suspects. or calls.
What has not been touched?
This attack did not include Messenger, Kids Messenger, Instagram, WhatsApp, Oculus, Workplace, Pages, Payments, Third Party Apps, Advertising Accounts or Developer.
What are the implications?
It took two weeks for Facebook to reveal information about this massive breach. The incident was reported quickly, but the company has been slow to inform users of the procedure. This comes after Google has admitted that Google Plus user information was potentially exposed earlier this year. While people continue to entrust their data to technology companies, security must be extremely clear. As these incidents show, there is still a lot of work to be done to protect information and react quickly when the worst happens.
KRAKOW, POLAND – 2018/08/17: The Facebook logo appears on a Huawei smartphone with the word "data breach on a laptop monitor". (Photo by Omar Marques / SOPA Images / SOPA Images / LightRocket via Getty Images)
