On Friday, September 28, 2018, Facebook announced the largest breach in the company’s history. On September 25th, Facebook’s engineering team discovered a security issue affecting 50 million accounts.
Facebook has stated the attackers took advantage of a weakness in the “View As” feature. The “View As” feature enables users to see what information other people can see about them.
The hackers stole digital keys that keep you logged into Facebook so you don’t need to re-enter your password every time. Facebook promised that they have fixed the vulnerabilities, reset the digital keys for the 50 million affected users, plus an additional 40 million accounts for precaution.
While Facebook has addressed the issue, fixed it, and informed law enforcement, you should still take steps to help protect yourself.
Consider Changing Your Password.
Create a new password that has numbers, uppercase letters, and symbols. Make sure this password is separate from the other passwords you use. It’s always good to play it safe with passwords. We should note again that users’ passwords were not stolen during this breach. The hackers got access to the digital keys granted to users after they first log in so they don’t need a password for future sessions.
Beware of Scammers.
We share a lot on social media and, as such, hackers can gain a lot of personal information about you, your friends, and your business connections. Beware of hackers trying to impersonate people you know. If somebody starts asking you for money or sensitive information, don’t give away either!
Reconsider Using Facebook to Log In to Third Party Apps.
So far, Facebook has said hackers did not access any third party apps. But it’s still investigating the scope of the hack. To secure your information, don’t use Facebook to log in to other apps like Spotify and Instagram. “It’s easy and convenient, but when when you use shortcuts, there can be consequences,” said Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer for the enterprise security firm AvePoint. Disable the auto-logins for Facebook.
How did you feel when the breach was announced? Has it impacted your usage of the platform?