Facebook hack exposes personal data of 50 million users

Facebook said it does not know the identity of the hackers or the origin of the hack, and the full scope of what information was accessed is unknown.

Maybe you were like me and woke up to your Facebook account forcibly logged out this Friday. Now we know more about why. On Friday, Facebook announced that a cyber attack earlier this week exposed the personal information of up to 50 million users, and as a safety measure, around 90 million users were being logged out and asked to re-enter their passwords. Fifty million people were definitely impacted and 40 million accounts were logged out as a “precautionary step,” the company said.

Facebooks said the hack exploited the company’s code introduced in July 2017 to let users upload Happy Birthday videos. The code was associated with the  “View As” feature that lets people see what their profiles look like to other people. “This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts,” Guy Rosen, Facebook’s vice president of product management, said in a statement. “Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.” The data vulnerability allowed users to gain control of a Facebook account directly without needing a password.

Following the cyber attack, Facebook said it fixed the vulnerability in its code, temporarily suspended the “View As” feature, and has informed law enforcement.

Facebook data breach is the latest scandal for the embattled company

Facebook said there is no need to change your password, but you may as well log out if you have not been asked to already to be safe. So far, there are many troubling unknowns about what exactly happened. Facebook said it does not know the identity of the hackers or the origin of where it took place, and it does not know the full scope of what information the hackers accessed or misused. This is not comforting news! Through a Facebook account, you can potentially learn a lot about a person’s friends, posts, contact information, and other private information you do not want to be made public to a hacker.

The data breach occurs at a particularly tumultuous time for the social media giant. Facebook is already facing user trust issues after 87 million Facebook users had their personal information exposed by political firm Cambridge Analytica. The scandal was a final break for many, resulting in a #DeleteFacebook campaign.

Nevertheless, Facebook is still enormously popular. More than two billion people entrust their data to the social network each month. After the Cambridge Analytica scandal, Facebook CEO Mark Zuckerberg promised that Facebook would do better. “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” he said earlier this year. “I know it takes longer to fix all these issues than we’d like, but I promise you we’ll work through this and build a better service over the long term.”

But people may not want to wait around for this better service. After each scandal, users become more aware of how vulnerable their information can be to hacks. It remains to be seen how many people still want to stick around to see if Facebook still deserves their trust.

Monica Torres|is a reporter for Ladders and can be reached at mtorres@theladders.com.