Facebook Hacked: 50 Million Users' Data Exposed

Attackers stole log-in credentials, allowing them to take over user accounts.

• By Jordan Lutke
• Oct 02, 2018

Facebook reported Friday that they had suffered an attack on their network, which exposed the personal information and account details of nearly 50 million users.

The social media giant discovered the breach this week, having found that hackers had exploited a feature of Facebook’s website to gain access to other users’ accounts. Facebook said they had fixed the vulnerabilities and alerted law enforcement authorities to the breach.

The breach was caused by Facebook’s “View As” feature, which allows users to view their own account as if they were a stranger visiting it. The feature provides the user an “access token,” which allows them to log back into their account without resubmitting their information. Hackers exploited this system to harvest access tokens, using them to access other users’ accounts.

“We’re taking it really seriously,” said Mark Zuckerburg, CEO of Facebook. “I’m glad we found this. But it definitely is an issue that this happened in the first place.” Other Facebook officials stated that they did not know the origins or identities of the attackers, or even the scope of the attack, but also said they were still in the beginning stages of an investigation.

Facebook has been undergoing a crisis of trust with its users recently, following allegations the company did not do enough to suppress Russian disinformation campaigns in 2016, and the March 2018 revelation that Cambridge Analytica had been improperly harvesting users’ data.

“We have a responsibility to protect your data,” said Zuckerburg, in March. “And if we can’t, then we don’t deserve to serve you.”

This could be the first major data breach to happen after the EU's GDPR laws have gone into effect. The social media website could see a major lawsuit and deep fines.