Many facebook users have been logged out of their account last September 25 and if you are one them your account might have been exposed. Facebook recently announced that there was as security breach to about 50 Million facebook accounts on September 25, 2018.
How The Facebook Hack Happened
According to the team in Facebook handling the situation, the hack happened when the attackers exploited the “View As” vulnerability. The “View As” tab allows people to see their profile according to how it looks like to someone else. The attackers exploited this by stealing access tokens which they can use to take over the accounts of people. Access tokens are like digital keys that keeps you logged in to your account, so everytime you access the Facebook app you do not have to log in.
What Facebook Did After Discovering the Issue
According to Facebook they took several steps to fix the issue and here are some of them as disclosed by their team:
- They fixed the vulnerability issue
- They informed the law enforcement about this issue
- Access tokens of about 50 Million accounts were reset
- Another 40 Million access tokens were reset as precautionary measure, these accounts used the “View As” feature since last year.
- They disabled the “View As” feature to thoroughly conduct a security review.
What you can do
Although facebook, in their Security update, informed people that there is no need to change passwords you still have to take precautionary measures to protect your own profile and privacy, here are some of the things you can do.
- Ignore Facebook and Change your Password in your Facebook Account
- Regularly change your password in your email account associated with your social media accounts.
- Always enable two-factor authentication not only on Facebook but in all platforms that you are using when available.
Everyday, platforms are being attacked by people who wants to steal data and breach the privacy of individuals. While the platforms such as Facebook are doing their best to ward off these attackers it is in our duty to also harden the security in our account.