The social networking company; Facebook said on Friday, that it has discovered a security flaw affecting about 50 million user accounts which could have allowed attackers to take over those accounts. The company has more than 2 million users and since claims to fix the vulnerability and inform the law enforcement.
The attackers exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else, the company said in a blog post. The breach forced millions of Facebook’s users across the globe to log out of their accounts as the company “reset the access tokens of the almost 50 million accounts that were affected to protect their security.”
It is a very serious security issue, and we’re taking it very seriously. – CEO Mark Zuckerberg
The company asserts in a blog post that its engineering team found that attackers acknowledged a weakness in Facebook’s code regarding its “View As” feature on Tuesday. Facebook became conscious of a possible attack that might strike after it noticed a spike in user activity on Sept. 16 and hence brings the Facebook security update.
Zuckerberg claims to have taken “precautionary measures”. Facebook has re-tuned the access tokens of the 50 million affected accounts. As a precaution, the company has reset access tokens for another 40 million accounts that have looked up through the “view as” option in the last year and so the ‘View As’ feature has been turned off for the time being.
Well to see, this is not the first time Facebook has experienced a major security breach. In March this year, the world’s largest social media network faced government scrutiny in Europe and the United States following a whistleblower’s allegations that London-based political consultancy Cambridge Analytica had improperly accessed users’ information to build profiles on American voters that were made to help elect US President Donald Trump in 2016.
The CEO of the company does understand how security matters to its users and so he apologizes to the users “I’m really sorry this happened” as said in an interview.