Earlier today, Facebook announced on blog of the company that hackers managed to gain access to tokens from about 50 million users.
Please note that the first complaint was filed that blames the company for its apparent inability to protect its users' data.
But data leaked outside the connection tokens?
Despite posting on the blog informing us of the breach and interception of login tokens, Facebook has provided no further details about the hack.
Who can be responsible? Did personal user data spill? Why does the company believe that only login tokens from 50 million accounts leaked? In addition, the company said it may be affected by other 40 million accounts (friends of the 50 millions of leaked accounts), without saying how it reached the conclusion.
According to Facebok technicians, the social network made a change in the code in July 2017 to the feature "View as". The exploit was reportedly activated for the first time on September 16. So September 16th is the day Facebook believes that hackers have begun to exploit this flaw en masse to gain access to the feature. "View as"And gain user access tokens for users of the company.
The access token collection feature has caused massive traffic on Facebook servers. and Facebook technicians realized what was happening on September 26. They began to investigate 27 in September, and they announced their findings this morning.
All of the above were published by the company and there seems to be a gap from 16 in September to 28 which posted the leakage of tokens.
The size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
Of course, the company, as it put it on its blog, took so many days to detect the vulnerability. But once again, the size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
On 12 for about a day hackers could log in to user accounts and collect all their personal data. So the first complaint to the company is not surprising. We will probably have to wait for more.
class actions against facebook by He Scribd