Earlier today, Facebook announced on blog of the company that hackers managed to gain access to tokens from about 50 million users.
Please note that the first complaint was filed that blames the company for its apparent inability to protect its users' data.
But data leaked outside the connection tokens?
Despite posting on the blog informing us of the breach and interception of login tokens, Facebook has provided no further details about the hack.
Who can be responsible? Did personal user data spill? Why does the company believe that only login tokens from 50 million accounts leaked? In addition, the company said it may be affected by other 40 million accounts (friends of the 50 millions of leaked accounts), without saying how it reached the conclusion.
According to Facebok technicians, the social network made a change in the code in July 2017 in the “View as” feature. The exploit was reportedly first activated on September 16. So September 16 is the day Facebook believes hackers began mass exploiting this flaw to gain access to the feature “View as"And gain user access tokens for users of the company.
The function of collecting access token caused the massive traffic on Facebook servers. and Facebook engineers realized what was happening on September 26. They began investigating it on September 27, and announced their findings this morning.
All of the above were published by the company and there seems to be a gap from 16 in September to 28 which posted the leakage of tokens.
The size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
Of course, the company, as it put it on its blog, took so many days to detect the vulnerability. But once again, the size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
On 12 for about a day hackers could log in to user accounts and collect all their personal data. So the first complaint to the company is not surprising. We will probably have to wait for more.
class actions against facebook by He Scribd
___________________________