Facebook has found a vulnerability in the security system
MOSCOW, September 28 — RIA Novosti. Company Facebook reported the detection of problems in the security system, which affected nearly 50 million users of the social network.
“On Tuesday 25 September our team of engineers has discovered a security issue affecting nearly 50 million accounts,” according to the statement by the Vice-President of product management, guy Rosen (Guy Rosen).
As noted in the statement, the attackers have used a vulnerability in Facebook’s code that affect the function of the “View my profile”. “This allowed them to steal access tokens, which they then used to gain control over the accounts of the people,” — said in a statement.
It is reported that access tokens allow users to stay logged into Facebook so it was not necessary to enter the password every time when using the social network.
The company said it has “eliminated the vulnerability and reported (the incident — ed.) law enforcement,” “re-configured access tokens 50 million users whose accounts have been affected”. The company also as a precaution decided to reconfigure the access tokens 40 million users.
“As a result, about 90 million people will be forced to again log in to Facebook or other apps that use the Facebook login,” — said in a statement. The function “View my profile” temporarily disabled for security check.
As Rosen noted in a statement, it is not known what information the attackers gained access, and whether it was misused. It is also unclear who is behind the attacks.