Facebook Security Breach Revealed to be Worse than Thought

Combined Shape

Have you logged out of Facebook lately? Have you changed your Facebook password? What about Instagram, Spotify or any other app you log into with your private Facebook information?

The New York Times reported that last week 90 million Facebook subscribers were forced to log out of their accounts due to an unprecedented security breach.

Facebook announced on Sept. 28 that hackers had accessed and exposed personal information of 50 million users, its largest security breach ever reported.

Hackers gained access “as if they were … the account holder themselves,” Guy Rosen, Facebook’s vice president of product management, said in a conference call related to the announcement.

The attackers accessed Facebook accounts through a bug in one of Facebook’s video-uploading programs that had been introduced in June 2017, allowing them to create “access tokens,” or digital keys that allow access to a user’s account without the necessity of entering their name and password at each login.

Trending:
Fred Weinberg: Getting Rid of Liz Cheney Is the Start to Taking Back Our Government

As if Facebook were not enough, The Sun revealed the hackers also gained access to third-party services such as Instagram, Messenger, Tinder, Spotify and other apps that allow subscribers to use their personal Facebook credentials to access their sites, causing a potential for a chain reaction breach of personal information affecting hundreds of millions of accounts.

Even with the hackers’ broad access to many sites, a Spotify spokesperson stated that none of its systems were compromised.

Facebook’s integration with so many apps and websites creates a playground for hackers seeking to exploit weaknesses and vulnerabilities in social media technology, wreaking havoc on the personal information of consumers and businesses alike.

Facebook reportedly knew of a potential problem 10 days prior to its announcement of the breach. On Sept. 18, Facebook discovered what it considered unusual activity that appeared in the form of a large spike in users and launched its own investigation, but it was not until Sept. 25 that Facebook actually discovered the source of the attack and the resulting vulnerability.

Would you feel safer using an alternative to Facebook if there were one?

The following day, Facebook notified law enforcement, but it did not complete an actual fix of the problem until Sept. 27. Facebook finally disclosed and notified its users of the attack on Sept. 28, a full 10 days after its initial discovery of the suspicious activity.

Facebook said ¨it had fixed the vulnerabilities and notified law enforcement officials,” according to The Times. “Company officials do not know the identity or the origin of the attackers, nor have they fully assessed the scope of the attack or if particular users were targeted. The investigation is still in its beginning stages.¨

Facebook said it was not aware that any foreign entity was involved in the breach, as was the case during the 2016 elections.

CEO Mark Zuckerberg told reporters in a conference call, “I’m glad we found this, but it definitely is an issue that this happened in the first place.”

“The big fear is that hackers will have used automatic tools to harvest information from all 50 million accounts that were compromised,” The Sun reported. “This means it’s possible that hackers are currently sitting on photos, videos and private messages for tens of millions of people around the world. This data pool grows significantly when you add services like Tinder or Instagram into the mix.”

Related:
Facebook Oversight Board Member Goes Rogue, Eviscerates the Social Media Platform: 'Their Rules Are in Shambles'

On the day of the announcement, a news release from Democratic Sen. Mark Warner of Virginia wasted no time calling for federal intervention:

“The news that at least 50 million Facebook users had their accounts compromised is deeply concerning. A full investigation should be swiftly conducted and made public so that we can understand more about what happened.

“Today’s disclosure is a reminder about the dangers posed when a small number of companies like Facebook or the credit bureau Equifax are able to accumulate so much personal data about individual Americans without adequate security measures.

“This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users. As I’ve said before – the era of the Wild West in social media is over.”

Meanwhile, Facebook took action that made it look as though it were trying to hide reports of the break from its users, claiming that media reports of its internal security problems “look(ed) like spam to us.”

“There’s no need for anyone to change their passwords,” Rosen said in a statement on Facebook. “But people who are having trouble logging back into Facebook — for example because they’ve forgotten their password — should visit our Help Center.”

Truth and Accuracy

Submit a Correction →






We are committed to truth and accuracy in all of our journalism. Read our editorial standards.

Tags:
, , , , , , , , ,
Dana Nottingham's writing focuses on politics, government, international relations, law, business and families. He has been a content creator for various websites, writing opinion and editorial analysis of current events and affairs and how they affect communities, families and individuals. Educated in international business and law, Dana fully understands how the world functions. He is pro-business, yet recognizes certain limitations are required to maintain the proper balance between supplier and consumer. Dana’s experience include working in the district office of a member of Congress and developing and building a growing Colorado city. Dana has lived in both Mexico and Peru and speaks and writes fluent Spanish. In Colorado, he served as a substitute radio host for two of the top-rated Spanish-language radio programs in Denver and even hosted his own Spanish-language radio program.
Dana Nottingham is an often humorous writer focusing on politics, government, international relations, law, business and families. He has been a content creator for various websites, writing opinion and editorial analysis of current events and affairs and how they affect communities, families and individuals.

Dana believes the future of the United States, and even the world, rests upon the strength of the family. A family, no matter its size or makeup, is both the most basic and the most important unit of government, where all education, training, support and even fun should originate.

Educated in international business and law, Dana understands how the world functions. He is pro-business, yet recognizes certain limitations are required to maintain the proper balance between supplier and consumer. Capitalism provides the best opportunity for success, growth and prosperity but certainly needs to be checked to assure that dishonest, deceitful and harmful practices do not detrimentally affect the system, the economy and the family.

Dana’s law and government experience include working in the district office of a Member of Congress and developing and building a growing Colorado city. He is pro-government to the extent that he understands government is a necessary yet intrusive means to protect our lives, our liberties and our pursuits of happiness, but fully believes government (whether national, state or local) should be as small as necessary to accomplish its limited purposes.

Dana has lived in both Mexico and Peru and speaks and writes fluent Spanish. In Colorado, he served as a substitute radio host for two of the top-rated Spanish-language radio programs in Denver and even hosted his own Spanish-language radio program. He understands and supports the vital role of legal immigrants and immigration, while recognizing the failure of the United States to properly address either legal or illegal immigration. Dana advocates complete reformation (and subsequent enforcement) of our nation’s immigration laws.

A classically trained pianist, Dana often accompanies local singers and groups in performances, large and small. He also performs an annual Independence Day concert, sharing his music and thoughts about the freedoms and blessings enjoyed from living in the United States.

In his spare time, Dana likes to camp, hike, waterski, watch college football and work in the yard with his five children.
Birthplace
California
Nationality
American
Education
B.S. International Business; JD, Law
Location
Lincoln, Nebraska
Languages Spoken
English, Spanish
Topics of Expertise
Politics, Faith, Immigration, Business, Families




Conversation