Oops Again! How Facebook Gave Hackers Keys to Profiles of 30 Million

Oops Again! How Facebook Gave Hackers Keys to Profiles of 30 Million

by Kurt Knutsson

Facebook’s most recent breach let hackers into 30 million accounts of people through a vulnerability that went unaddressed for over a year.  Hackers figured out how to get possession of the access tokens which are like digital keys.  That allowed nefarious individuals to gain control of profiles through Facebook’s unprotected “View As” function that lets you see how others see your profile.

Only now has Facebook patched the problem but buries the lead in another line of their security blog post saying that there could also be smaller attacks yet to be realized as they continue cooperating with an active FBI investigation.

What Hackers Got

What hackers got so far Facebook says includes the following:

Your name and contact details including phone number, email, or both, depending on what people had on their profiles, your username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.  Oh, is that all?

Here’s what we know

Facebook’s greatest priority is making money off sharing your private life – not protecting you. To some degree its in their best interest to protect you, but they’ve proven again and again, that they aren’t protecting you.

What could go wrong next?

Watch for suspicious emails, texts and calls. If you cannot answer yes to the question, “Did I ask for this email, text or call?”, then be on guard. Do not engage or offer any further personal details to anyone despite how legit they may sound in their unsolicited reach out.

What It Means to You

You can assume that everything you share in digital form is public. When posting online, think to yourself what a criminal would do with the information you are sharing. And if you post amazing vacation photos while on a spectacular getaway, don’t be surprised if your home is emptied out by thieves when you get back to reality.

Check Your Account

You can check Facebook’s Help Center to see if your account was compromised.


   

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder