In one of the biggest security breach, Facebook has suffered a major setback as hackers had accessed around 50 million user accounts. The social media giant on Friday said a cyber attack had exposed the personal information of those users.
According to the reports, the hackers were able to access the token using the site’s “View As” feature. The feature allowed them to pilfer access tokens with which they used to control over users’ accounts. The token is the equivalent of digital keys that can keep the users logged in to the site so that they don’t have to re-enter their password on their app.
Facebook said the investigation on the issue is “still in its early stages” but it has found out that the hackers used the code through “View As” feature that lets users see what their own profile looks like to another user’s profile. The vulnerability had been fixed and informed the law enforcement by its security team.
The company added it has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a “View As” look-up in the previous year.
After the fixation, around 90 million people will now have to log back into Facebook, or any of their apps that use Facebook login. The site is temporarily turned off the ‘View As’ feature while conducting a thorough security review, said the company.
Facebook has also admitted that it does not know who is behind the massive security attack.
The incident took place a year after the site’s two artificially intelligent programs were found chatting to each other in a strange language no human can understand.