The Facebook announced a data breach at the end of last month that affected up to 50 million users. The problem consisted of access tokens-digital keys, which allow people to stay logged into Facebook. The vulnerability has made it possible for attackers to steal those tokens and hijack other users’ Facebook accounts.
Facebook confirmed that the attackers gained access to two types of information for 15 million of the users involved-their name and contacts, including phone and email addresses.
For, 14 million users attackers accessed much more information, including name, contact information, profile details such as username, gender, location, language, status of relationship, religion, hometown, city, date of birth, education, and work, website, recent Facebook searches.
The attackers didn’t access any information for the last one million users. The breach didn’t affect other products such as Messenger, Messenger Kids, Instagram, WhatsApp, Oculus and Workplace. The features such as Pages, payments, and advertising or developer accounts or any third-party apps are also didn’t affected.
To investigate the breach, FBI, FTC is still coordinating with other authorities. It will also inform the 30 million people whose access tokens have been compromised, providing them more information on what information might has been accessed and what they can do to protect themselves.