How are 50 million Facebook users hacked

Almost 50 million Facebook accounts hacked

According to Facebook, the vulnerability was discovered three days ago. The US company announced that it was taking the process "very seriously" and that the judiciary was also involved.

The attackers would have exploited a vulnerability in the function with which Facebook members can view their profile from the point of view of other users. This allowed them to take over the so-called tokens. With this type of long-term key, which is stored on the device, a user can quickly access his profile without having to enter a password every time.

According to the company, around 50 million of these tokens have been stolen. Theoretically, the attackers could have gained full access to the affected profiles. The online network emphasized, however, that it was unclear whether they had abused their access to the accounts or viewed information.

No evidence of private message retrieval

So far there is no evidence that private messages from users have been accessed, said Facebook founder and boss Mark Zuckerberg in a hastily called conference call. "We don't know who is behind this attack."

The function of displaying the profile from other perspectives was initially switched off as a precaution, Facebook said. Around 40 million more users will have to re-register on their devices, if only because they used the function in the past year.

The attack comes at an extremely inopportune time for Facebook as the company is still grappling with the effects of the Cambridge Analytica data scandal. The data from around 87 million Facebook users landed at the British company. They are said to have been used without permission for the election campaign of today's US President Donald Trump. Facebook is currently trying hard to secure the platform before the important US congressional elections in November.

hk / se (dpa, rtr, afp)