What comes next in Facebook's major data breach?

NEW YORK (AP) – For users, Facebook's revelation of a data breach that allowed attackers to access 50 million accounts raises an important question: what happens next?

For the owners of the accounts involved, and of the additional 40 million that Facebook considered to be at risk, the first order of business is simple: log back in to the application. Facebook logged everyone out of 90 million accounts to reset the digital keys stolen by the hackers. These keys normally serve to keep users logged in, but they also let whoever holds them take full control of the compromised account.

The next step is a waiting game, as Facebook continues its investigation and users watch for notifications that their accounts were targeted by the hackers.

What Facebook knows so far is that the hackers gained access to the 50 million accounts by exploiting three separate bugs in Facebook's code that allowed them to steal these digital keys, technically called "access tokens." The company says it has fixed the bugs.

Users do not need to change their Facebook passwords, but security experts say it can't hurt.

However, Facebook does not know who was behind the attacks or where they are based. During a phone call with reporters on Friday, CEO Mark Zuckerberg – whose own account was compromised – said the attackers would have had the ability to view private messages or post on someone's account, but nothing indicates that they did so.

"We do not know yet if one of the accounts has been misused," Zuckerberg said.

The hack is the latest failure for Facebook in a tumultuous year of security and privacy problems. So far, however, none of these problems has shaken the confidence of the company's two billion users worldwide.

This latest hack involved bugs in Facebook's "View As" feature, which lets people see how their profile appears to others. Attackers used this vulnerability to steal access tokens from the accounts of people whose profiles came up in searches made with the "View As" feature. The attack then moved from one user's Facebook friends to another's. Possession of these tokens would allow the attackers to control those accounts.

One of the bugs, more than a year old, affected how the View As feature interacted with Facebook's video-upload feature for posting Happy Birthday messages, said Guy Rosen, Facebook's vice president of product management. But it was not until mid-September that Facebook noticed an increase in unusual activity, and only this week that it learned of the attack, Rosen said.

"We have not yet been able to determine if there was specific targeting" of certain accounts, Rosen said during a call with reporters. "It seems wide, and we do not know who was behind these attacks and where they could be based."

Neither passwords nor credit card data were stolen, Rosen said. He said the company had alerted the FBI and regulators in the United States and Europe.

Jake Williams, a security expert at Rendition Infosec, said he was concerned that the hack could have affected third-party applications.

Williams said the company's "Facebook Connect" feature lets users log in to other apps and websites with their Facebook credentials. "These stolen access tokens are displayed when a user is logged in to Facebook, and this may be sufficient to access a user's account on a third-party site," he said.

Facebook confirmed Friday night that third-party apps, including its own Instagram app, could have been affected.

"The vulnerability was on Facebook, but these access tokens allowed someone to use the account as if they were the account holder," Rosen said.
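The bearer-token risk Williams and Rosen describe, as an added illustration that is not from the article, Facebook or Rendition Infosec: a simulated token issuer with an introspection call whose field names are loosely modeled on Facebook's Graph API `debug_token` response (`is_valid`, `app_id`, `user_id`, `expires_at`; an assumption, not something the article states), a third-party site that re-checks every request against it, and the issuer's mass token reset. All names and values are constructed. It shows why logging 90 million accounts out only protects a third-party site that re-validates tokens rather than trusting a cached login.

```python
import time

class TokenIssuer:
    """Simulated identity provider standing in for Facebook (not real Facebook code)."""
    def __init__(self):
        self._tokens = {}  # token -> (app_id, user_id, expires_at)
        self._counter = 0

    def issue(self, app_id, user_id, ttl=3600):
        self._counter += 1
        token = f"tok-{self._counter}"  # constructed opaque value
        self._tokens[token] = (app_id, user_id, time.time() + ttl)
        return token

    def debug_token(self, token):
        """Introspection; field names loosely follow Graph API /debug_token (assumption)."""
        rec = self._tokens.get(token)
        if rec is None or rec[2] < time.time():
            return {"is_valid": False}
        return {"is_valid": True, "app_id": rec[0], "user_id": rec[1], "expires_at": rec[2]}

    def reset_tokens_for(self, user_ids):
        """Mass invalidation: the 'log the affected accounts out' step in the article."""
        self._tokens = {t: r for t, r in self._tokens.items() if r[1] not in user_ids}

class RelyingParty:
    """Third-party site using Facebook login; revalidate=False trusts a cached first success."""
    def __init__(self, issuer, app_id, revalidate=True):
        self.issuer, self.app_id, self.revalidate = issuer, app_id, revalidate
        self._sessions = {}  # token -> user_id

    def authorize(self, token):
        if not self.revalidate and token in self._sessions:
            return self._sessions[token]  # stale login survives the issuer's reset
        info = self.issuer.debug_token(token)
        # Reject expired/revoked tokens and tokens issued to another app (substitution).
        if not info["is_valid"] or info["app_id"] != self.app_id:
            return None
        self._sessions[token] = info["user_id"]
        return info["user_id"]

def demo():
    issuer = TokenIssuer()
    strict = RelyingParty(issuer, "app-1")
    cached = RelyingParty(issuer, "app-1", revalidate=False)
    stolen = issuer.issue("app-1", "user-42")  # token an attacker captured
    before = (strict.authorize(stolen), cached.authorize(stolen))
    issuer.reset_tokens_for({"user-42"})
    return before, (strict.authorize(stolen), cached.authorize(stolen))
```

`demo()` returns `(("user-42", "user-42"), (None, "user-42"))`: after the reset the re-validating site rejects the stolen token while the caching site still honours it.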

Earlier this year, Cambridge Analytica, a data analytics firm employed by the Trump campaign, improperly obtained access to personal data from millions of user profiles. A congressional investigation then revealed that agents from Russia and other countries had been publishing fake political ads since at least 2016. In April, Zuckerberg appeared at a congressional hearing devoted to Facebook's privacy practices.

The Facebook bug is reminiscent of a much larger attack on Yahoo, in which attackers compromised 3 billion accounts – half of the world's population. In Yahoo's case, the stolen information included names, email addresses, phone numbers, birth dates, and security questions and answers. It was among a series of Yahoo hacks over several years.

US prosecutors then accused Russian agents of using the information they stole from Yahoo to spy on Russian journalists, US and Russian government officials, and employees of financial services and other private companies.

In Facebook's case, it may be too early to know how sophisticated the attackers were and whether they were linked to a nation-state, said Thomas Rid, a professor at Johns Hopkins University. Rid says it could also be spammers or criminals.

"Nothing we've seen here is so sophisticated that it requires a state actor," Rid said. "Fifty million random Facebook accounts are not interesting for any intelligence agency."

___

O'Brien reported from Providence, Rhode Island. Frank Bajak in Boston contributed to this report.
