Facebook announced that unreported attacks on the network have already revealed personal information of nearly 50 million users. The company said he found a breach earlier this week. The attacker used a flaw to regain users' attacks on Facebook code, the company said.
The social network indicates that this vulnerability was fixed and notified to the police. About 90 million users forcibly log off and reconnect on Friday morning, Facebook notifies the offense. The company said it was a precautionary measure.
This flaw was in Facebook's "View As" tool, which allows Facebook users to view their profile like other people. This can be used to verify that additional information is not made public to the individual, but in this case it looks like Facebook's security flaw. Hackers can do more things:
Our survey is still in its early stages. However, it is clear that an attacker can exploit the vulnerability of Facebook code that affected "View As" and see how users can see their profile. This allowed us to steal the Facebook access token and use it to restart people's account. The access token is equivalent to a digital key that allows users to stay connected to Facebook. You do not need to re-enter your password each time you use the application.
Forced disconnection makes it impossible for ongoing access to your account with stolen security tokens. Facebook last year forced the 50 million accounts who knew that the connection had disconnected, as well as the number of people who used the "View as" function reached 40 million.
A permanent problem is which data can be accessed in violation. Theoretically, the worst thing an attacker can find is everything you can see on your Facebook profile, including your name, birthday, family, and perhaps years of pictures. This is sufficient for phishing attacks against bank accounts and other people's accounts such as credit cards, which means banking and login information should not be at risk. Facebook also says you do not need to change your password.
Hope you like the news Facebook says new hack leaked data of 50 million users. Stay Tuned For More Updates 🙂