Hackers are growing more and more sophisticated everyday. They are advancing their techniques and learning new methods which compromise the safety of users and their profiles all over the internet. Social media has always been a favourite target and has recently seen growth in the number of attacks. Where technologies grow more and more advanced everyday, safety becomes of paramount importance as with greater technology comes a greater chance of potential exploits and methods to gain illegal access.
Facebooks’s founder and CEO Mark Zuckerberg confirmed that Facebook was the target of a hack. The hacker utilised a security vulnerability in the view as feature of the social media platform and as per reports, was able to steal the security tokens of about 50 million accounts. Though no information was abused in any way but this goes to show just how very potentially unsafe the digital realm is.
The view as feature was introduced to allow users to preview what their profiles would look like to public viewers. It seems the hacker found a vulnerability in the feature and stole security tokens. Facebook has confirmed that they have reset the tokens of the fifty million affected users and of an additional 40 million people who used the feature. Further, they have removed the feature till they investigate the matter in detail and find out if the information stolen was and can be misused. The potentiality of such a hack came to light after Facebook noticed a spike in user activity on September 16 but the hack was reported only a couple of days ago, almost two weeks after the possible hack date. They have patched the problem with the feature and have also notified law enforcement agencies like the FBI and the Irish Data Protection Commission in order to address any General Data Protection Regulation (GDPR) issues.
As per the company, they are not sure whether the information stolen has been misused, made public, or abused in any way. They are continuing their investigations and so far, no information abuse has been reported. The hacker seems to have used APIs that let applications communicate with the social media platform and let the hacker steal more information. Since the security keys have been reset, Facebook notes that there is no need to change passwords. Users may, however, do so as a preventive and precautionary measure, should they feel the need.
Mozilla revealed a security tool known as the Firefox monitor (further details here). The tool allows you to check if your private data has been stolen after a reported data breach. It may come in handy if you would like to check whether your information is secure. To use the feature, perform the following steps:
- Go to this webpage
- Type in your email ID which you use for the potentially affected (in this case, Facebook) platform.
- Mozilla will match it against the database of leaked user data and report back to you.
You can also sign up for email subscription which will notify you if your data is stolen.