Facebook Hacked: 50 Million Users

Facebook Hacked: 50 Million Users' Data Exposed

Attackers stole log-in credentials, allowing them to take over user accounts.

Facebook reported Friday that they had suffered an attack on their network, which exposed the personal information and account details of nearly 50 million users.

The social media giant discovered the breach this week, having found that hackers had exploited a feature of Facebook’s website to gain access to other users’ accounts. Facebook said they had fixed the vulnerabilities and alerted law enforcement authorities to the breach.

The breach was caused by Facebook’s “View As” feature, which allows users to view their own account as if they were a stranger visiting it. The feature provides the user an “access token,” which allows them to log back into their account without resubmitting their information. Hackers exploited this system to harvest access tokens, using them to access other users’ accounts.

“We’re taking it really seriously,” said Mark Zuckerburg, CEO of Facebook. “I’m glad we found this. But it definitely is an issue that this happened in the first place.” Other Facebook officials stated that they did not know the origins or identities of the attackers, or even the scope of the attack, but also said they were still in the beginning stages of an investigation.

Facebook has been undergoing a crisis of trust with its users recently, following allegations the company did not do enough to suppress Russian disinformation campaigns in 2016, and the March 2018 revelation that Cambridge Analytica had been improperly harvesting users’ data.

“We have a responsibility to protect your data,” said Zuckerburg, in March. “And if we can’t, then we don’t deserve to serve you.”

This could be the first major data breach to happen after the EU's GDPR laws have gone into effect. The social media website could see a major lawsuit and deep fines.

About the Author

Jordan Lutke is an intern with 1105 Media.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.