Home / News & Analysis / Facebook finds ‘no evidence’ hackers accessed connected apps

Facebook finds ‘no evidence’ hackers accessed connected apps

Facebook has said it’s found “no evidence” that third-party apps were affected by the data breach it revealed last week.

Hackers stole account access tokens on at least 50 million users by exploiting a chain of three vulnerabilities inadvertently introduced by Facebook last year. Another 40 million also may have been affected by the attack. Facebook revoked those tokens — which keep users logged in when they enter their username and password — forcing users to log back into the site again.

But there was concern that third-party apps, sites and services that rely on Facebook to log in — like Spotify, Tinder and Instagram — also may have been affected, prompting companies that use Facebook Login to seek answers from the social networking giant.

“We have now analyzed our logs for all third-party apps installed or logged during the attack we discovered last week,” said Guy Rosen, Facebook’s vice president of product management, in a blog post. “That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login.”

“Any developer using our official Facebook SDKs — and all those that have regularly checked the validity of their users’ access tokens – were automatically protected when we reset people’s access tokens,” he said.

Admittedly, Rosen said that not all developers use Facebook’s developer tools, so the social network is “building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out.”

Facebook spokesperson Katy Dormer said the company was “working on the tool now” but didn’t have a release date.

The breach also affected five million users in Europe, the company confirmed, where data protection laws are stricter and financial penalties are greater.

Under the newly installed General Data Protection Regulation (GDPR), European regulators can fine Facebook up to $1.63 billion in fines — or four percent of its $40.7 billion in annual global revenue for the prior financial year — if it’s found that Facebook could have done more to protect its users’ data.

Everything you need to know about Facebook’s data breach affecting 50M users

Read more

Check Also

Valve updates ‘Dota’ card game with open tournaments and chat options

Valve has delivered the first large upgrade to Artifact since it premiered in late November, and it's clear there's lots of headroom for the Dota card game to grow. The 1.1 update adds short Open Tournaments that anyone can join. You don't have to...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.