Facebook security breach: 50 million user accounts affected

The company discovered a security breach on Tuesday that allowed it to enter and manipulate accounts. That’s why it forced 90 million users to re-enter their data

The Facebook revealed on Friday that the data of 50 million accounts were unprotected and at the mercy of hackers after a cyber attack. The company issued a statement saying it has already taken steps to correct the problem. The hackers had access to the passwords to enter in the accounts, which allowed them to not only steal the data but also change them.

According to the Mark Zuckerberg, the invaders took advantage of a weakness in the code of a tool of Facebook called “to see like”. It is a tool that allows a user to visualize their profile the way another person sees it. A recent change in the code of another Facebook tool unexpectedly affected this feature and allowed access.

By this way, hackers had access to the tokens of 50 million accounts. This internal key is the code that allows Facebook to record user data so that the user does not have to enter their password each time they enter the network.

Facebook claims it discovered the security breach late Tuesday afternoon. It then deactivated the keys to 50 million profiles that the company estimates to have been affected, as well as 40 million other users who had used the “see-it” feature. That’s why 90 million people who have tried to access the network since then have received the information that their session had been closed and they would have to manually re-enter their data.

Upon entering Facebook, the user sees a message explaining what happened. The company also reported that it has disabled the “see how” function and is reviewing its code.

In the statement, Facebook does not make it clear whether the data has actually been stolen or not, nor whether the accounts ever changed. “As we have just begun our investigation, we have not yet determined whether these accounts have been tampered with or if anyone has accessed the information,” says the text, signed by Vice President of Product Guy Rosen. “We also do not know who is behind this attack or where it is.”

What is clear is that the information that was left unprotected allowed the attackers to manipulate the accounts as if they were the users themselves. Facebook will invalidate the tokens of more accounts if they believe they have been affected.

Facebook has more than 2 billion users worldwide. Over 1 billion people use their subsidiary networks, Instagram and WhatsApp. The company is in the center of attention for the treatment that gives the users personal data, which is the product that the company sells to advertisers. Doubts about Facebook began with the scandal of Cambridge Analytica, a political consulting firm that obtained data from tens of millions of social network users irregularly and then advised Donald Trump’s campaign to the White House in 2016.