1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Facebook security breach affects 50 million users

September 28, 2018

Facebook says attackers have exploited vulnerability in its code to steal "access tokens" which could have affected millions of profiles.

Facebook logo
Image: Reuters/D. Ruvic

Facebook disclosed a security flaw on Friday affecting nearly 50 million Facebook accounts. The social media company said hackers exploited its "View As" feature which allows users to see what their profiles look like to other individuals using its platform.

How has Facebook resolved the issue?

Facebook said in a blog post that it "fixed the vulnerability and informed law enforcement." It has reset "access tokens" of the 50 million accounts affected by the breach, as well as a further 40 million accounts, as a precaution. Those 90 million users will need to log back into the platform as a result. Facebook said it is not necessary for users to change their passwords.

The "View As" feature has been turned off as a precaution while a security review is conducted.

Cybersecurity reporter Brendan Bordelon said on Twitter that Facebook "discovered the vulnerability Tuesday, notified the FBI and Irish DPA on Wednesday, fixed it on Thursday and notified us on Friday."

Read more: EU to Facebook: Comply with laws or face sanctions 

'Constant attacks'

"We face constant attacks from people who want to take over accounts or steal information around the world," Facebook CEO Mark Zuckerberg said on his Facebook page.

"While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place." 

Five months ago, Zuckerberg admitted Facebook failed to protect user data and prevent manipulation of its platform after some 87 million users had their personal information harvested by political consultancy Cambridge Analytica.

Read more: Facebook usage 'fueled anti-refugee attacks in Germany' 

Every evening at 1830 UTC, DW editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.

kw/kms (AP, dpa)

Skip next section Explore more
Skip next section DW's Top Story

DW's Top Story

Skip next section More stories from DW