Connect with us

Hi, what are you looking for?

Cyprian Is Nyakundi

General

Facebook doesn’t think hackers accessed third-party sites


Here's why quitting Facebook is so hard

Facebook says it has not found any evidence “so far” that its attackers accessed third-party sites through Facebook Login.

It’s a sliver of good news about a massive data breach that the company first disclosed last week. Attackers accessed as many as 50 million accounts in the largest such breach of Facebook’s network.

“We have now analyzed our logs for all third-party apps installed or logged during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login.” said Facebook’s Guy Rosen in a statement.

On Friday, Facebook (FB) announced unknown attackers had exploited a vulnerability to access the accounts. They were able to view other people’s Facebook profiles as if they were the accounts’ owners. For example, they could see friends’ profiles and updates.

Facebook says it closed the loophole on Thursday night, but 90 million users were forcefully logged out of their accounts as a precaution.

The attackers stole Facebook “access tokens,” which keep a person logged into their Facebook account over long periods. Facebook reset all 50 million tokens, as well as tokens for an additional 40 million people who had used the “view as” feature in the past year as a precautionary step.

During a call about the hack last week, Rosen said the attackers would have also been able to access third-party sites using Facebook Login, but the company had found no evidence of them doing so.

Hundreds of sites and apps including Tinder, Spotify and Airbnb use Facebook Login, which lets people access the services with their Facebook username and password. Early this week, developers were confused about whether their services had been exposed in the Facebook hack.

The company says partners following Facebook “best practices” were automatically protected. Some developers might not have followed those rules, and they could have put their users at risk.

“We’re sorry that this attack happened — and we’ll continue to update people as we find out more,” Rosen said.

— CNN’s Donie O’Sullivan contributed reporting.

CNNMoney (San Francisco ) First published October 2, 2018: 7:13 PM ET



Source link


Would you like to get published on this Popular Blog? You can now email Cyprian Nyakundi any breaking news, Exposes, story ideas, human interest articles or interesting videos on: [email protected] Videos and pictures can be sent to +254 710 280 973 on WhatsApp, Signal and Telegram.


Comments

comments

Click to comment

Facebook

You May Also Like

News

*Editor’s Note: This open letter to Safaricom has been published as received. No redactions have taken place to avoid legal issues pending a court...

News

  These pictures you are about to view calls to heart the need to be extremely careful about what you do in the  secret...

News

This is an intervention for Victoria Rubadiri so as to help her revert back to factory settings. We notice your slow drift away into...

News

Caption : Edwin Kigen Who was Murdered in Madaraka Estate. We demand for answers from Boinnet ! Another young man may have been brutally assaulted and...

Copyright © 2020 Cyprian Is Nyakundi.