Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Science
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Phone Reviews
  • Find Cricket Statistics
Hindi
More
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Science
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Phone Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Science News / Got logged out of Facebook? Well, your account was breached
  • Science

    Got logged out of Facebook? Well, your account was breached

    Shiladitya Ray
    Written by
    Shiladitya Ray
    Mail
    Last updated on Sep 29, 2018, 10:38 am
    Got logged out of Facebook? Well, your account was breached
  • On Friday, millions of user started getting abruptly logged out of Facebook. Some, including myself, even got logged out of Messenger.

    While getting logged out would not be alarming normally, Facebook, in this instance, has said that the incident happened as a side effect of its efforts to plug a security breach that affected as many 50 million users!

    Here are the details.

  • In this article
    Details of the security flaw The vulnerability was unintentionally created in July 2017 Why did it take Facebook so long to detect it? While passwords weren't stolen, the damage could still be considerable So what can you do about the breach?
  • Details

    Details of the security flaw

    Details of the security flaw
  • In a blog post on Friday, Facebook said that the vulnerability had been discovered by Facebook's engineering team on September 25.

    Exploiting a vulnerability in Facebook's 'View As' feature, the attackers were able to steal access tokens that allowed them to take over people's accounts.

    Consequently, Facebook reset the access tokens of the 50 million affected accounts, and another 40 million accounts.

  • Timeline

    The vulnerability was unintentionally created in July 2017

    The vulnerability was unintentionally created in July 2017
  • Facebook also said that the vulnerability had been created in July 2017 when a new video upload functionality was launched.

    After discovering anomalies, Facebook launched a probe on September 16, and discovered the vulnerability on September 25.

    The social media giant claims that the vulnerability was fixed on September 27, following which it began resetting access tokens, thereby resulting in users getting logged out.

  • Bugs

    Why did it take Facebook so long to detect it?

    Why did it take Facebook so long to detect it?
  • The vulnerability resulted from the combination of three bugs affecting access tokens in Facebook accounts.

    When the social media giant was asked as to why it took so long to find the bug, Facebook's VP of Product Management, Guy Rosen, said that despite conducting code reviews using static analysis tools, the "complex interaction of bugs that led to this vulnerability" wasn't detected.

  • Damage

    While passwords weren't stolen, the damage could still be considerable

    While passwords weren't stolen, the damage could still be considerable
  • Facebook confirmed that because the attackers took over people's accounts via 'access tokens', which are digital keys that keep you logged in, passwords were not stolen.

    However, it's not known for how long hackers exploited the vulnerability.

    The extent of damage isn't known either- hackers could have stolen profile data (like the Cambridge Analytica scandal), as well as personal data like messages, photos, etc.

  • Information

    So what can you do about the breach?

  • While there's nothing for you to do now, Saket Modi, CEO & Co-Founder of security firm Lucideus, believes that users should, as a precautionary measure, log out and re-log in to their Facebook accounts on all their gadgets.

  • Facebook
  • Kolkata
  • Cambridge Analytica
  • Product Management
  • Guy Rosen
  •  
Latest News
  • NewsBytes Briefing: Facebook promotes cybercriminals targeting its userbase, and more
    NewsBytes Briefing: Facebook promotes cybercriminals targeting its userbase, and more
    Science
  • Tesla crash kills two, CEO Musk denies Autopilot use
    Tesla crash kills two, CEO Musk denies Autopilot use
    Science
  • Coronavirus: Maharashtra orders stricter restrictions starting April 22
    Coronavirus: Maharashtra orders stricter restrictions starting April 22
    India
  • Kamala Harris to feature in Earth Day special on Discovery+
    Kamala Harris to feature in Earth Day special on Discovery+
    World
  • IPL 2021, all-round CSK overcome KKR: Records broken
    IPL 2021, all-round CSK overcome KKR: Records broken
    Sports
Related Timelines
  • #BugAlert: Here's how anyone can suspend your WhatsApp account
    #BugAlert: Here's how anyone can suspend your WhatsApp account
    Science
  • Twitter hackers accessed DMs of dozens of high-profile accounts
    Twitter hackers accessed DMs of dozens of high-profile accounts
    Science
Trending Topics
Samsung SpaceX Apple OnePlus Mobiles Android TV Smart TV Latest Gadget Launch MediaTek Dimensity 1000+ COVAXIN Latest Tech News Upcoming Mobile Phones
Next News Article
Share
Cancel

Want to share it with your friends too?

Facebook Whatsapp Twitter Linkedin
Copied

Love Science news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Science News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Bharti Airtel Mukesh Ambani Indian Premier League Samsung Virat Kohli Rohit Sharma
Cricket News Qualcomm YouTube Hollywood News WhatsApp Bollywood News ISRO Spotify SpaceX Yoga
Honda Batman Football News BMW Vaccine Reliance Jio OPPO Food News, Healthy Recipes Apple Royal Challengers Bangalore
Toyota Fashion Tips Manmohan Singh Sensex Mercedes Taylor Swift Sidharth Malhotra Isha Ambani India Vs England Cricket OnePlus Mobiles
Android TV Smart TV Marvel Comics Avengers
About Us Privacy Policy Terms & Conditions Contact Us News Reviews News Archive Topics Archive Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2021