trickery.net  

Go Back   trickery.net > Technical > Software & Security

Reply
 
Thread Tools
Old 01-Oct-2018, 11:17   #1
EvilGrin
my other forum is full
EvilGrin's Avatar
Join Date: Oct 2003
Location: Lancs, UK.
Posts: 8,194
EvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond reputeEvilGrin has a reputation beyond repute
50 Million Facebook Accounts Exposed - Potential 1.6B GDPR File

Facebook revealed it had bit of a coding oopsy on Friday.

Quote:
Originally Posted by Facebook
On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.

Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.

Here is the action we have already taken. First, we’ve fixed the vulnerability and informed law enforcement.

Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. We’re also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a “View As” look-up in the last year. As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.
https://newsroom.fb.com/news/2018/09/security-update/

This theoretically counts as a GDPR violation to the tune of some 1.63B (based 10% of total earnings). As Facebook is in Ireland it is up to the Irish Information Commisoner to pursue this.

Quote:
Originally Posted by DPC Ireland (Twitter)
[email protected] is awaiting from Facebook further urgent details of the security breach impacting some 50m users, including details of EU users which have been affected, so that we can properly assess the nature of the breach and risk to users. #dataprotection #GDPR #eudatap
https://twitter.com/DPCIreland/statu...17378236608512
__________________
Edugeek - Techies in Education!
EvilGrin is offline  
Send a message via ICQ to EvilGrin Send a message via AIM to EvilGrin Send a message via MSN to EvilGrin Send a message via Yahoo to EvilGrin  EvilGrinUK 
Reply With Quote
Old 01-Oct-2018, 12:35   #2
BFH
Fixer of dead hard drives
BFH's Avatar
Join Date: Oct 2003
Location: The Final Frontier
Posts: 3,826
BFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond reputeBFH has a reputation beyond repute
wooops
__________________
Elite Dangerous Current ship: Imperial Clipper,Cmdr Naughtius Maximus,Moto: fuck it
The BFH: http://www.andystoolkit.co.uk/thebfh.php
BFH is offline  
Reply With Quote
Reply

Go Back   trickery.net > Technical > Software & Security


Similar Threads
Thread Thread Starter Forum Replies Last Post
My backup DVD's keep failing fab Hardware 4 05-May-2005 18:02

Users Viewing Thread: 1 (0 members and 1 guests)
 

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 01:23.


Powered by vBulletin® Version 3.7.0 Release Candidate 3
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 2003 - 2013, trickery.net