01 Oct 2018_campuscad
The single security flaw in the Facebook code exposed 50 million accounts to hackers. Facebook security team had admitted the same through it’s a blog post on Friday 28 September 2018.
Facebook Founder and CEO mark Zuckerberg also Explained through Facebook post what happened and how the flaw has been found and Facebook security updated.
VP of product management Guy Rosen at Facebook, stated that attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else.
Facebook Security has created the digital key for every account it has, so the user did not always required to enter the password to log in to account for different devices.
Attackers used the “View As” option and found out the security flaw which helps you to upload the video. By using the Upload video option, attackers were able to access the Facebook digital key of the user account and able to access the photo, messages and about me information.
Investigation suggests, the flaw in the code was there from last 14 months and more than 40 million users used “View As” options in 2017. But it may be done by hackers and Facebook is investigating the same.
The View As activity increased in the last month and Facebook Security team has detected the pattern of use and then temporarily closed the View As functionality for users.
Later, Facebook found out around 50 million accounts has been compromised and the data stolen by hackers may be used for online phishing in coming days.
Facebook credentials used for login at various different sites like Airbnb, Instagram and many others.
Facebook has now fixed the vulnerability and changed the digital key for all 50 million accounts and logged out from the accounts exposed to hackers and asked users to login again with the password. Company also said that, Users need not be required to change the account password.
Facebook Security and trouble
Company already informed the same to the Law and enforcement. European user data stored at Ireland facility and data protection committee asking about the details of hacking into Facebook. Facebook may face a potential fine of $1.63 billion by the European Union privacy watchdog.
New General Data Protection Regulation (GDPR) policy says, companies who failed to protect the data of users may fined up to $23 million or 4% of the their Global revenue and not the profit, whichever is higher.
US Congress already grilled the Facebook, Twitter and Google in last hearing happened in August 2018 about fake news, User privacy and data protection with reference to Russia interference in US elections and campaigns and Cambridge Analytica scandal that used user data to analyze political interest of the users.
For more such daily stories, sign up below.