You might be familiar with Facebook’s ‘View as’ feature – which lets you publically view your timeline or as a specific person. You people might be wondering what this has to do with the latest breach. That feature has a vulnerability which the attackers used and cause the breach.
Facebook in an official statement – source link provided below – stated that the latest breach has affected over 50 million accounts. Attackers took advantage of a vulnerability that could have allowed them to take over those accounts.
Don’t get panic, Facebook has already fixed all the security issues and also informed about it to the law enforcement. The hackers users the access tokens which have now been reset by the social media platform.
They have already reset the access tokes of almost 50 million accounts and plans to reset another 40 million accounts’ access tokens too.
Facebook has currently turned off the ‘View As’ feature until the proper security review has been done.