[ad_1]
<div _ngcontent-c15 = "" innerhtml = "
Facebook has released an update as a result of last month's violation allowing attackers to access the "View As" feature. According to the social networking giant, 30 million accounts could potentially have been accessed by hackers, instead of the 50 million originally listed.
Facebook admitted that confidential information such as names and dates of birth were available during the September cyber-assault.
In an update, Guy Rosen, vice president of product management for Facebook, said the company "worked tirelessly" to investigate the security issue uncovered and corrected two weeks ago.
Rosen said the company had not ruled out the possibility of new, smaller scale attacks, on which it continues to investigate. The social network did not reveal the identity of the author, but stated that he was getting acquainted with the FBI about it. "We are cooperating with the FBI, which is actively investigating and asking us not to discuss who might be behind this attack," said Rosen.
How did the attack happen and who was hit?
Facebook witnessed an "unusual spike" beginning September 14, 2018. After an investigation, the company identified a cyber attack on September 25. As soon as the social network identified the vulnerability, it stopped the attack and secured the people accounts by resetting the access tokens for potentially exposed people, also disabling the "Show as" function.
The social network said that the attackers controlled a set of accounts connected to friends on Facebook. They used an automated technique to switch from one account to another in order to steal access tokens from friends and friends, for a total of about 400,000 people.
During the process, this technique automatically loaded the Facebook profiles of these accounts, reflecting what they would have seen by viewing their own page. This included posts on their timelines, lists of friends, groups and the names of the latest Messenger conversations.
Facebook claims that the content of the message was not available to attackers, with one exception: if a person in this group was an administrator of the page whose page had received a message from someone on Facebook , the content was available to the attackers.
Opponents used some of the 400,000-friend lists to steal access tokens from about 30 million people. Of these, 15 million people were consulted. 14 million people are even more affected. Attackers can also see their user name, gender, language, status of their relationship, religion, hometown, current city, date of birth, types of devices used to access Facebook, the number of users. education, work, website, people or pages followed and the last 15 searches.
How do I know which category I belong to?
People can check if they have been affected by visiting the Facebook Help Center. Over the next few days, the social network will send personalized messages to the 30 million people affected to explain the information the attackers could have accessed, as well as to inform people about the steps to take to protect themselves from emails, text messages or other suspicious messages. calls.
What has not been touched?
This attack did not include Messenger, Kids Messenger, Instagram, WhatsApp, Oculus, Workplace, Pages, Payments, Third Party Apps, Advertising Accounts or Developer.
What are the implications?
It took two weeks for Facebook to reveal information about this massive breach. The incident was reported quickly, but the company has been slow to inform users of the procedure. This comes after Google has admitted that Google Plus user information was potentially exposed earlier this year. While people continue to entrust their data to technology companies, security must be extremely clear. As these incidents show, there is still a lot of work to be done to protect information and react quickly when the worst happens.
KRAKOW, POLAND – 2018/08/17: The Facebook logo appears on a Huawei smartphone with the word "data breach on a laptop monitor". (Photo by Omar Marques / SOPA Images / SOPA Images / LightRocket via Getty Images)
">
Facebook has released an update as a result of last month's violation allowing attackers to access the "View As" feature. According to the social networking giant, 30 million accounts could potentially have been accessed by hackers, instead of the 50 million originally listed.
Facebook admitted that confidential information such as names and dates of birth were available during the September cyber-assault.
In an update, Guy Rosen, vice president of product management for Facebook, said the company "worked tirelessly" to investigate the security issue uncovered and corrected two weeks ago.
Rosen said the company had not ruled out the possibility of new, smaller scale attacks, on which it continues to investigate. The social network did not reveal the identity of the author, but stated that he was getting acquainted with the FBI about it. "We are cooperating with the FBI, which is actively investigating and asking us not to discuss who might be behind this attack," said Rosen.
How did the attack happen and who was hit?
Facebook witnessed an "unusual spike" beginning September 14, 2018. After an investigation, the company identified a cyber attack on September 25. As soon as the social network identified the vulnerability, it stopped the attack and secured the people accounts by resetting the access tokens for potentially exposed people, also disabling the "Show as" function.
The social network said that the attackers controlled a set of accounts connected to friends on Facebook. They used an automated technique to switch from one account to another in order to steal access tokens from friends and friends, for a total of about 400,000 people.
During the process, this technique automatically loaded the Facebook profiles of these accounts, reflecting what they would have seen by viewing their own page. This included posts on their timelines, lists of friends, groups and the names of the latest Messenger conversations.
Facebook claims that the content of the message was not available to attackers, with one exception: if a person in this group was an administrator of the page whose page had received a message from someone on Facebook , the content was available to the attackers.
Opponents used some of the 400,000-friend lists to steal access tokens from about 30 million people. Of these, 15 million people were consulted. 14 million people are even more affected. Attackers can also see their user name, gender, language, status of their relationship, religion, hometown, current city, date of birth, types of devices used to access Facebook, the number of users. education, work, website, people or pages followed and the last 15 searches.
How do I know which category I belong to?
People can check if they have been affected by visiting the Facebook Help Center. Over the next few days, the social network will send personalized messages to the 30 million people affected to explain the information the attackers could have accessed, as well as to inform people about the steps to take to protect themselves from emails, text messages or other suspicious messages. calls.
What has not been touched?
This attack did not include Messenger, Kids Messenger, Instagram, WhatsApp, Oculus, Workplace, Pages, Payments, Third Party Apps, Advertising Accounts or Developer.
What are the implications?
It took two weeks for Facebook to reveal information about this massive breach. The incident was reported quickly, but the company has been slow to inform users of the procedure. This comes after Google has admitted that Google Plus user information was potentially exposed earlier this year. While people continue to entrust their data to technology companies, security must be extremely clear. As these incidents show, there is still a lot of work to be done to protect information and react quickly when the worst happens.
KRAKOW, POLAND – 2018/08/17: The Facebook logo appears on a Huawei smartphone with the word "data breach on a laptop monitor". (Photo by Omar Marques / SOPA Images / SOPA Images / LightRocket via Getty Images)
