[ad_1]

Here's why it's so hard to leave Facebook

Facebook says it has found no evidence “so far” that its attackers accessed third-party sites through Facebook logins.

This is good news regarding the massive data breach that the company first disclosed last week. The attackers accessed more than 50 million accounts in the largest such breach into Facebook’s network.

“We have now analyzed our logs for all third-party apps installed or logged in during the attack discovered last week. That investigation has so far found no evidence that the attackers accessed any Facebook account using Facebook logins.” Have also accessed the app.” Facebook’s Guy Rosen said in a statement.

on friday, Facebook ,american plan, It was announced that unknown attackers had exploited a vulnerability to access the accounts. They were able to view other people’s Facebook profiles as if they were the owner of the account. For example, they could see friends’ profiles and updates.

Facebook says it closed the flaw Thursday night, but 90 million users were forcibly logged out of their accounts as a precaution.

The attackers stole Facebook’s “access tokens,” which keep a person logged in to their Facebook account for a long period of time. Facebook has reset all 50 million tokens, as well as tokens for an additional 40 million people who used the “View As” feature last year as a precautionary step.

During a call about the hack last week, Rosen said the attackers would also have been able to access third-party sites using Facebook logins, but the company has found no evidence of them doing so.

Hundreds of sites and apps, including Tinder, Spotify and Airbnb, use Facebook Login, which lets people access services with their Facebook username and password. Earlier this week, developers were confused about whether their services were exposed in the Facebook hack.

The company says partners who followed Facebook’s “best practices” were automatically protected. Some developers may not have followed those rules, and they could be putting their users at risk.

“We’re sorry this attack happened — and we’ll continue to update people as we get more information,” Rosen said.

—CNN’s Donnie O’Sullivan contributed reporting.

CNNMoney (San Francisco) First Published October 2, 2018: 7:13pm ET

[ad_2]

Source link