Shares at FB fall over breach

Shares at FB fall over breach

Shares in Facebook fell more than 3% as the social media company said it discovered a security breach earlier this week that affected almost 50 million accounts.

The company said it has fixed the breach, which allowed hackers to take over people’s accounts.

The network said in a statement that it has told law enforcement authorities about the breach.

There was a loophole in Facebook’s code for a feature called ‘view as’ that let people see what their account looks like to someone else.

The vulnerability allowed people to steal access tokens — digital keys that keep people logged into Facebook so they don’t need to re-enter passwords.

Once logged in, the attackers could take control.

“This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted ‘view as’, Facebook said.

“The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.”

Everyone whose profile used the ‘view as’ tool in the last year will have to log in to Facebook again, and any apps that used Facebook to log in. 


From there, they’ll be able to see a statement from Facebook explaining what happened.

The company estimated that about 90 million people will have to log in again.

It is the latest in a series of negative events involving Facebook, which employs around 3,000 in Ireland.

The firm, headed by Mark Zuckerberg, said it was taking the incident “incredibly seriously” and that its investigation was still in the early stages.

A blog post by vice president of product management, Guy Rosen said: “Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed.

“We also don’t know who’s behind these attacks or where they’re based. 

"We’re working hard to better understand these details — and we will update this post when we have more information, or if the facts change.

“People’s privacy and security is incredibly important, and we’re sorry this happened. It’s why we’ve taken immediate action to secure these accounts and let users know what happened,” he said.

Bloomberg and Irish Examiner

More on this topic

Lady Gaga and Gay Byrne electrify FacebookLady Gaga and Gay Byrne electrify Facebook

NSPCC warns Facebook of becoming ‘one-stop grooming shop’ over encryption plansNSPCC warns Facebook of becoming ‘one-stop grooming shop’ over encryption plans

Up to public to judge politician ads, Zuckerberg says in latest Facebook defenceUp to public to judge politician ads, Zuckerberg says in latest Facebook defence

Ireland first in line as Facebook launch new tool to transfer images to Google PhotosIreland first in line as Facebook launch new tool to transfer images to Google Photos

More in this Section

Andrew Lloyd Webber wins tax fight over Barbados villasAndrew Lloyd Webber wins tax fight over Barbados villas

Economy grows 1.7% in third quarter of 2019; GDP up 5% in last 12 monthsEconomy grows 1.7% in third quarter of 2019; GDP up 5% in last 12 months

US and China ‘close to trade deal’US and China ‘close to trade deal’

Surging pound up 1.29% against the euro on election resultSurging pound up 1.29% against the euro on election result


Lifestyle

Unique drawings by Quentin Blake, one of Britain’s best-loved illustrators, are available at a Christie’s online auction which runs until December 17.Your chance to buy drawings by Roald Dahl illustrator Quentin Blake

Ciara McDonnell talks to four high-profile people about their festive traditions and favourite tracksHere's what has these famous faces rockin’ around the Christmas tree

More From The Irish Examiner