A hacker gained access to the information of nearly 50 million Facebook user accounts in what appears to be the largest security breach in the company’s history.
In a message posted on Friday, Facebook CEO Mark Zuckerberg, a White Plains native who attended Ardsley High School, said that “we do not yet know whether these accounts were misused, but we are continuing to look into this and will update when we learn more.”
Facebook said that the attack was discovered earlier this week, and that the hacker or hackers exploited a security flaw in the system to take over the accounts. The flaw was in relation to the “View As” option that allows people to see what their personal profile would look like to someone viewing it.
Guy Rosen, the Vice President of Product Management stated that they’ve fixed the vulnerability and informed law enforcement. He noted that they have reset the access tokens to the millions of accounts that were affected. An additional 40 million accounts will also get that treatment as a precaution. The “View As” option is also being turned off.
“This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted ‘View As,” he explained. “The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.
“People’s privacy and security is incredibly important, and we’re sorry this happened. It’s why we’ve taken immediate action to secure these accounts and let users know what happened. There’s no need for anyone to change their passwords.”
Zuckerberg added that, “we face constant attacks from people who want to take over accounts or steal information around the world. While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place.”
Click here to follow Daily Voice Tappan-Blauvelt and receive free news updates.