
What’s happened in the latest Facebook data breach?


Just when the Facebook/Cambridge Analytica scandal had stopped making the headlines, the social media giant has been struck by another data breach disaster.

It has been revealed that 50 million people's accounts have been exposed due to an error in Facebook's code. This vulnerability meant that hackers could take over people's accounts and see their most private information.

Facebook found the flaw on Tuesday last week but admitted that it could not say how the bug was used or by whom. The vulnerability allowed hackers to access the 'View As' privacy tool that allows users to see how their profile looks to other people.

According to a Facebook spokesperson: "Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted "View As", a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook, so they don't need to re-enter their password every time they use the app."

The company has said that it is sorry, and informed the relevant authorities. But this is unlikely to help the millions of people now worried about cybercriminals having access to their most personal information.

Have you been affected by the latest Facebook data breach?

According to Facebook, the bug has now been fixed, and anyone who broke into an account has now been kicked out.

If your information has been compromised, Facebook will have logged you out. Facebook has also said that it will notify affected users in a message on top of their News Feed about what happened. As a "precautionary measure", the social network has also logged out everyone who used the 'View As' feature since the exposure was introduced.

However, it has been suggested that even more than 50 million people could potentially be affected. So it's better to remain vigilant.

A Facebook spokesperson said: "people's privacy and security is incredibly important, and we're sorry this happened". However, following the Cambridge Analytica data breach - which enabled the harvesting of information on around two billion users - sorry is unlikely to be good enough for many users.

What can you do to protect your Facebook account?

It has yet to be determined whether any accounts were misused or any information accessed. But, in the meantime, it's a good idea to change your password, although that may not undo the impact of this attack. If you haven't already, you should also enable two-factor authentication.

If you've used Facebook to log in to other accounts or apps, you should also disable these. You can do this by going to 'settings' and selecting 'apps and websites'. All the apps you use Facebook to log in with will be listed. If you have been affected, you should also change the passwords for those accounts.