Facebook admits new data breach touching 90 million of its users

Hackers were able to breach 50 million accounts through the now suspended View As feature

2018 has not been kind to Facebook, with a series of bad headlines that have hurt the company's reputation among its users and, potentially, other founders. Just this week, the founders of Instagram announced their resignation from the company, reportedly due to tension with Facebook over autonomy. That was followed by Facebook getting into a public spat with one of the departed co-founders of WhatsApp over ads on the platform.

Now comes another piece of bad news: the company was recently breached, another in a series of issues involving member data that have sprung up this year. 

In a blog post on Friday, Facebook revealed that earlier this week it had discovered a security issue that had affected 50 million of its members.

At issue is the View As feature, in which Facebook users can view their profile as others would see it; the reason people use it, ironically, is to make sure that they have the right privacy settings in place and aren't accidentally disclosing information they wanted to keep private. Hackers "exploited a vulnerability in Facebook’s code," the company wrote, allowing them to steal Facebook access tokens, which are keys that let people stay logged in to the site. Once hackers were able to steal the tokens, they could then take over other user's accounts.  

"We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security," the company wrote in the post, noting that it has already reset the access tokens for those 50 million account, and that it is also resetting the tokens for 40 million other accounts, all of which had used the View As feature over the past 12 months. 

All this means for those 90 million users is that they will have to log back in to their Facebook account, and their Facebook app. 

In addition, the View As feature has been suspended for the time being, with no timetable for when the company will reinstate it.

So far, Facebook says it doesn't know if any information was accessed or who is behind the attack, but that it will continue to update its users as it learns more. 

In a Facebook post put up late Friday morning, Mark Zuckerberg also addressed the issue, in which he stated the issue had been fixed. 

"We face constant attacks from people who want to take over accounts or steal information around the world. While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place. If you've forgotten your password or are having trouble logging in, you can access your account through the Help Center," he wrote.  

Facebook privacy problems

If there is one thing Facebook did not need to deal with at this moment it was another scandal involving data and the safety of its users.  

The company's year started with the Cambridge Analytica scandal, which shone a harsh light on how Facebook, as well as Twitter and Google, were handling their data. The data of 87 million Facebook users was said to have been affected, causing Zuckerberg to be hauled in front of Congress to answer questions about how the company handled its data, and how it was going to prevent such misuse from happening again.

That scandal, along with the other bad headlines throughout the year, have already begun to have an effect on user behavior. 

Earlier this month, Pew released a report surveying 4,594 adults in the U.S., in which it found that over half of respondents had changed their privacy settings in the last year. In addition, over 40 percent had "taken a break" from Facebook in that time period, which lasted several weeks. A smaller, but still significant, percentage, just over a quarter of those asked, said they had deleted the app from the phone.

In all, 74 percent of Facebook users say they have taken at least one of these three actions in the past year, including 44 percent of those aged 18 to 29.

Facebook's stock has also taken a hit, dropping 2.61 percent on Friday to $164.44 a share. It is currently down 6.87 percent year-to-date.

VatorNews reached out to Facebook for any additional comment. We will update this story if we learn more. 

(Image source: img.gadgethacks.com)