San Francisco, Oct 3: Tendering a fresh apology in the data breach that affected 50 million users, Facebook has said that a detailed investigation found no evidence that the hackers accessed any third-party apps using Facebook Login. Telegram Desktop App Leaks Users’ IP Addresses During Voice Call.
In the biggest-ever security breach after Cambridge Analytica scandal, Facebook last week admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys. Microsoft Introduces Surface Headphones Along With Surface Pro 6, Surface Studio 2 & Surface Laptop 2.
"We have now analysed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login," Guy Rosen, Vice President of Product Management at Facebook, said in a statement late on Tuesday. Taiwanese Hacker Threats to Delete Facebook CEO Mark Zuckerberg’s Account; Promises to Live Stream the Event.
Rosen said Facebook has fixed the vulnerability and reset the access tokens for a total of 90 million accounts -- 50 million that had access tokens stolen and 40 million that were subject to a "View As" look-up in 2017.
"Resetting the access tokens protected the security of people's accounts and meant they had to log back into Facebook or any of their apps that use Facebook Login," the Facebook executive said, adding that "we're sorry that this attack happened". Facebook Security Breach: Here's How You Can Check If Your Facebook Account Was Hacked
Any developer using official Facebook SDKs -- and all those that have regularly checked the validity of their users' access tokens - were "automatically protected when we reset people's access tokens".
"However, out of an abundance of caution, as some developers may not use our SDKs, we're building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out," said Rosen. USD 60 Million in Virtual Currency Hacked in Japan.
Ireland's Data Protection Commission, which is Facebook's lead privacy regulator in Europe, has asked Facebook to submit more details in the incident where data of over 50 million users were hacked.
The privacy watchdog could fine Facebook as much as $1.63 billion for the data breach.