THE BRIEF

Facebook reported a security breach that affected around 50 million accounts. The details on the breach and its exact effects on those users have yet to be determined or announced.

DEEP DIVE

What Happened?

On Tuesday, September 25, Facebook engineers discovered a security breach that affected nearly 50 million accounts.

On Friday the 28th, the company reported this breach and outlined some of the measures they are taking to investigate it. According to a security update published to Facebook by Guy Rosen, VP of product management,  hackers “exploited a vulnerability in Facebook’s code.” This vulnerability was part of Facebook’s “View As,” feature, which allows users to see what their profiles look like to other users. Hackers then were able to steal “Facebook access tokens,” digital keys which allowed them to take over people’s accounts.

Guy Rosen’s report states: “since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. We also don’t know who’s behind these attacks or where they’re based.”

As a security measure, Facebook has logged around 90 million people out of their accounts: the 50 million hacked accounts and an additional 40 million accounts who had used the “View As” feature. Owners of these accounts can reaccess them simply by logging in and providing their existing password. Facebook has also disabled the “View As” feature until further notice.

Facebook has about 2.23 billion active users. The day the breach was reported, Facebook’s stock has gone down by 4.38 points, about 2.59%.

Did This Affect Your Account?

Your account may have been affected. If you find yourself logged out of your account, when you log back in, check for a message from Facebook on the top of your newsfeed. Those whose accounts were breached should receive such a message. If you were logged out of your account but do not see a message, it is likely that you were potentially at risk because you used the “View As” feature, but that your account has not been hacked.

Going Forward

According to Facebook, the issue has been fixed, but its investigation is still in its preliminary stages.

In the wake of this breach and past ones, some people have been deleting their Facebook accounts, choosing to use other social media platforms instead.

Even if your account was not breached, it is important to educate yourself and your family about internet safety and privacy.