top of page
Search
Writer's pictureRobin

About That: Facebook Says Hackers Just Breached 50 Million Accounts.

What Happened and What do you need to do!


Last Friday: Facebook noticed a spike (dramatic increase) in traffic (people) on their servers.

Hackers (the bad guys) had exploited (taken advantage of) 3 Facebook vulnerabilities (bugs).

The bugs involve access tokens that allowed access for you to be able to view parts or your entire Facebook page.

A access token is string of characters which was sent to you after you request access to a specific website.***(See Geek Information of you want to know more)

This vulnerability allowed attackers to steal users' access tokens, which they could then use to gain access to the Facebook account and possibly other third-party websites that the user had logged into using his or her Facebook credentials, like Instagram, Spotify and Airbnb.

Personally identifiable information, like social security numbers, passwords or credit cards, weren't stolen.

Facebook found the breach on Tuesday and fixed it by Thursday night

In order to fix the breach, Facebook logged 90 million people off of its website — all 50 million who were affected, and another 40 million as a precautionary measure.

So, if you are still concerned here is what you need top do:

Log out, log back in

Log out on all of your devices, to help prevent hackers from accessing your saved data.

Change your password

Changing your password is always a good idea

Check your payments

While Facebook hasn’t said that any payment card information attached to people’s accounts was compromised or misused, it’s still a good idea to monitor and check for any unknown activity on your account.

GEEK INFORMATION

When you enter an email address into a website to join a mailing list, you’re often asked to check your email and click on a link. The link looks something like this:

https://www.website.com/confirm_email?token=4bdebebc-135b-4748-b7ab-25b31a285df8

In this case, the ‘token’ is this string of characters, which was sent to you. It’s a unique string of characters, which, when you click on it, tells the server that “yep, the person definitely got the email, so the email account is definitely theirs.”.

So, the website sent you a token, and you sent it back, proving you had control of that email address.


17 views0 comments

Recent Posts

See All

Fake News

Comments


bottom of page