TEMPO.CO, Jakarta - Facebook found a security breach that affected nearly 50 million accounts. Facebook’s VP of Product Management Guy Rosen said that the social media giant takes this issue seriously and that Facebook will protect its users' security.
Rosen said that the attacker exploited a vulnerability related to the "View As" feature, which lets people see what their own profile looks like to others.
"This allowed them to steal Facebook access tokens which they could use to take over people’s accounts,” Rosen said.
The access tokens are equivalent to digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.
Read also: Facebook Enables Safety Check for Donggala Earthquake
According to Techcrunch, the vulnerability began in July 2017, but Facebook did not realize it until September 16 2018 when it saw unusyual activities—prompting them to launch an investigation.
Facebook has switched off the “View As” feature in the meantime while it investigates the bug further.
Facebook has yet to determine who are behind the attack, and the FBI is currently investigating it. However, in the past Facebook had found evidence of Russia's efforts to compromise the US presidential elections, although this does not necessarily mean that Russia is responsible for the new attack.
NEWSROOM.FB | TECHCRUNCH