Word came out today from Facebook CEO, Mark Zuckerberg, that Facebook was breached on Tuesday. The numbers are still being tabulated, but it is currently estimated that over 50 million accounts were breached and as a result, Facebook has had to forcibly close 90 million accounts. They recommend that users change their passwords and log out of their accounts.
This incident shows that hackers, exploited a previously unknown vulnerability in the Facebook code. Specifically, they targeted the ‘View As’ feature. This is a feature that lets you see your profile as the public sees it.1 They used this vulnerability to steal access tokens. These tokens are used so that you don’t have to log your credentials in every time. As a result, they would get access to your passwords and your dual-factor authentication if you have it set up.
The easiest solution to this is to change your password. In addition, you should also update or change your dual factor authentication. Even though Facebook says that you don’t have to, these hackers would still be able to use it get data for phishing attempts. For more information about cyber security and insurance Click Here.