09 6305002 | 0800 PCKING

Facebook hack affects 90 million users

“View As” Facebook hack affects 90 million users

Carole Theriault – October 16, 2018

In late September Facebook revealed details of a security breach they had apparently first spotted close to two weeks earlier. The problem was rooted in a feature (“View As”) allowing users to view their Facebook pages the way others would see them, which inadvertently allowed attackers to access the identifying user tokens. As the social network uses these tokens to check the identity of a user, this effectively granted them full access to the accounts.

The hack was used to get at the accounts of at least 50 million users, while another 40 million were forced to log back on to the website or related apps as a precaution.

This may seem a fairly small percentage of Facebook’s total user base of well over 2 billion active users worldwide, but it’s still a pretty huge number of people to be hit by a hack, granting access to the vast amounts of personal information most Facebook users entrust to the site.

With all this data now most likely in the hands of unknown hackers, and at some point fairly likely to be made available for sale to others, the security implications are huge. For a start, many businesses make use of Facebook’s login system for their own sites and services, especially smaller firms with limited resources to develop and maintain their own authentication processes. This could mean many accounts outside of Facebook will have been compromised by the same hack.

The exposure of personal data will also, almost inevitably, lead to an uptick in phishing, targeting people based on information gleaned from the hack and giving phishers a much more convincing starting point for their efforts. A phish is much more effective at tricking its target if it references the correct information on the services they use, and details often used as back-up identifiers, such as “mother’s maiden name”, first pet or first school, are all too easy to dig out from a Facebook profile.

Coming on the back of growing unease at the privacy implications of Facebook’s business model, as well as the phenomenon of “fake news” spreading wildly across the platform, this epic leak should push the firm towards greater efforts to secure and protect the information its users continue to entrust it with. It is likely to encourage many more cautious users to drop the platform altogether.

This should serve as a timely reminder to anyone maintaining a website that your security is only as good as that of any other company whose code you are reusing.

(And talk to PC KING on how to better protect your organisation, by improving your security practices and policies)

Source : Carole Theriault – Carole Theriault is a digital communications expert, specialising in audio, video and written content creation for technology firms around the world. https://techtalk.gfi.com/view-as-facebook-hack-affects-90-million-users/