Contact Contact Us

Hackers Stole Access Tokens for 50 Million Facebook Accounts

In the worst breach in Facebook’s history, hackers had stolen access tokens for 50 million accounts by exploiting a previously unknown vulnerability found on Facebook’s ‘View As’ feature. The vulnerability allowed hackers to steal login tokens that they could use to access the accounts and other third-party websites that a user had logged into using their Facebook credentials. The hackers could then siphon user information to carry out scams and phishing attacks. Facebook said it has fixed the vulnerability, temporarily disabled the ‘View As’ feature, and conducted a comprehensive security review.

[1] SingCERT urges vigilance in wake of Facebook security breach

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883