Security Social Media Tech News

Facebook Hack Affects 50 Million Accounts

Dave Parrack 28-09-2018

Around 50 million Facebook users may have had their accounts accessed as part of a major security breach. This is thanks an unknown party or parties exploiting a vulnerability in Facebook’s code and stealing access tokens as a result.


Facebook isn’t having a great year, with the Cambridge Analytica scandal Facebook Addresses the Cambridge Analytica Scandal Facebook has been embroiled in what has come to be known as the Cambridge Analytica scandal. After staying silent for a few days, Mark Zuckerberg has now addressed the issues raised. Read More and Mark Zuckerberg’s subsequent (and very awkward) appearance before Congress. This led to calls for people to #DeleteFacebook, and millions are thought to have done so.

And now Facebook has a major security breach on its hands…

Facebook Suffers a Serious Security Breach

As explained in a post on Facebook Newsroom, Facebook discovered a security breach on September 25, 2018. Around 50 million accounts were directly affected, with a further 40 million accounts secured as a precaution.

The attacker had discovered a flaw in Facebook’s code which is thought to have been introduced to its video upload tool in July 2017. This affected the “View As” feature, which allows you to see how your Facebook profile looks to other users.


Thus, the attacker was able to steal access tokens, which are the digital keys that let you stay logged into Facebook without having to enter your password every time. With these access tokens the attacker could potentially take over people’s accounts.

Unfortunately, Facebook doesn’t yet know “whether these accounts were misused or any information accessed.” At this early stage of the investigation the social network also doesn’t know “who’s behind these attacks or where they’re based.”

Facebook Takes Action to Protect Its Users

Facebook has taken decisive action. First, it has fixed the vulnerability and informed law enforcement. Secondly, it has reset the access token of everyone potentially affected. Third, it has temporarily disabled the “View As” feature.

If you’re one of the 90 million people who have had their access tokens revoked you’ll need to log back into Facebook. You’ll also see a notification at the top of your News Feed explaining the situation. But beyond that, neither you or Facebook can do any more.

Maybe It Is Time to Delete Facebook After All

While any security breach resulting from a vulnerability in a company’s code is serious, it looks like this could have been a lot worse. And while 50 million people is a huge number it’s a drop in the ocean when you consider Facebook has 2 billion users.

Still, this sorry saga is likely to reinvigorate the campaign to persuade people to delete Facebook. Making our article listing reasons not to delete Facebook 7 Reasons Not to Delete Facebook #DeleteFacebook A growing number of people are calling on us all to #DeleteFacebook. However, while it's not perfect, we believe there are multiple reasons not to delete Facebook. Read More suddenly relevant again. And we doubt this will be the last time either.

Related topics: Facebook, Online Security, Security Breach.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Thumb
    September 29, 2018 at 4:02 am

    What the hell is Facebook?

  2. Jessica
    September 28, 2018 at 8:12 pm

    so this happened to me...I was signed out of fb yesterday and I dont rmember my password...I had the 6 digit code sent to my phone and it wont accept it