Facebook – More details on the access token hack, including other services affected

Yesterday, Facebook released information about a hack affecting about 90 million users. 40 million of them as a precautionary measure, the access tokens of these users have been reset. There are still around 50 million users who are directly affected, and attackers probably had complete access to their accounts.

Facebook was yesterday at the beginning of the investigation but now shares more details. According to this, the access tokens could not only access the Facebook profile directly but also all services for which you have registered via Facebook. Fortunately in bad luck, however – You do not have to change your password, because this is not visible on the access tokens. So also means that you are relatively safe, if so far no damage caused by the access, the tokens cannot be used.

So if you have connected Instagram or Oculus to Facebook, you have to do it again, but at the same time, it means that the attackers had access to such services. The login with Facebook we offered in numerous services and actually such a login is also considered safe, because no passwords are passed. Stupid then only if the tokens get lost and it is not noticed.

Meanwhile, Facebook has also published technical details of the attack. It was the combination of several bugs that made it possible to pick up the tokens.

author image

About Author

Samuel Afolabi is a lazy tech-savvy that loves writing almost all tech-related kinds of stuff. He is the Editor-in-Chief of TechVaz. You can connect with him socially :)

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.