Earlier today, Facebook announced on blog of the company that hackers managed to obtain access σε tokens σύνδεσης από περίπου 50 εκατομμύρια χρήστες.
It should be noted that the first lawsuit has already been filed accusing the company of its apparent inability to protect data of its users.
But data leaked outside the connection tokens?
Despite posting on the blog informing us of the breach and interception of login tokens, Facebook has provided no further details about the hack.
Who can be responsible? Did personal user data spill? Why does the company believe that only login tokens from 50 million accounts leaked? In addition, the company said it may be affected by other 40 million accounts (friends of the 50 millions of leaked accounts), without saying how it reached the conclusion.
According to Facebok technicians, the social network made a change in the code in July 2017 to the feature "View as". The exploit was reportedly activated for the first time on September 16. So September 16th is the day Facebook believes that hackers have begun to exploit this flaw en masse to gain access to the feature. "View as” and get tokens access company user accounts.
The function of collecting access token caused the massive traffic on Facebook servers. and Facebook engineers realized what was happening on September 26. They began investigating it on September 27, and announced their findings this morning.
All of the above were published by the company and there seems to be a gap from 16 in September to 28 which posted the leakage of tokens.
The size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
Of course, the company, as it put it on its blog, took so many days to detect the vulnerability. But once again, the size of a company like Facebook does not allow the disclosure of an incident that affects millions of users after so many days.
On 12 for about a day hackers could log in to user accounts and collect all their personal data. So the first complaint to the company is not surprising. We will probably have to wait for more.
class actions against facebook by He Scribd
___________________________