50 Million Facebook Accounts Affected in Massive Security Breach


50 million Facebook user profiles were affected by a security breach, the company confirmed in a confirmed in a blog post today. The full extent of the attack remains unknown.

The issue ...
... exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else.
No indication has been given as to who might be behind the attack or what user data (if any) was exfiltrated. Logins have been reset for the 50 million accounts directly affected, as well as an additional 40 million accounts that the “view as” feature was used on within the past year.

In an email, Federal Trade Commissioner Rohit Chopra expressed his alarm at the breach ...
These companies have a staggering amount of information about Americans. Breaches don’t just violate our privacy, they create enormous risks for our economy and national security.
CEO Mark Zuckerberg described the breach as an “attack” and mentioned that those responsible had attempted to query Facebook’s database for personal information about the those whose profiles had their login tokens taken.

Sen. Mark Warner, co-chair of the Senate Cybersecurity Caucus, said the Facebook breach was “deeply concerning” in a statement, calling for a full investigation to be conducted at once.
Today’s disclosure is a reminder about the dangers posed when a small number of companies like Facebook or the credit bureau Equifax are able to accumulate so much personal data about individual Americans without adequate security measures#This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users.
As I’ve said before - the era of the Wild West in social media is over.