There was a security breach in Facebook two weeks ago that allowed hackers to control 50 million accounts and the company today is sharing more details about the attack. The attackers said to have exploited a vulnerability in Facebook’s code that existed between July 2017 and September 2018. The vulnerability was the result of a complex interaction of three distinct software bugs and it impacted “View As." This allowed attackers to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep users logged in to Facebook, so they don’t need to re-enter their password every time they use the app. Facebook said that it noticed an unusual spike of activity that began on September 14, 2018, and started an investigation. Again on September 25th, it determined that it was an attack and identified the vulnerability and closed the vulnerability in two days, stopped the attack, and secured people’s accounts by resetting the access tokens. It also turned off the 'view as.' However, the company now says that only fewer people were impacted than it originally thought. A total of 30 million were attacked instead of 50 million. The attackers ...
Read Here»
Subscribe to:
Post Comments (Atom)
Post a Comment Blogger Facebook
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. As the comments are written and submitted by visitors of The Sheen Blog, they in no way represent the opinion of The Sheen Blog. Let's work together to keep the conversation civil.