<h1>What do you need to do about the recent Facebook security breach?</h1>
<p>Published September 28, 2018 at <a href="https://me-en.kaspersky.com/blog/facebook-token-breach/12037/">https://me-en.kaspersky.com/blog/facebook-token-breach/12037/</a>; last modified November 15, 2019.</p>
<p>Facebook has been breached, and malefactors gained access to some 50 million accounts. We offer some quick tips for your safety.</p>
<h2>What you need to do about the recent Facebook security breach:</h2>
<ul>
<li><b>Nothing.</b></li>
</ul>
<h3>What you <em>don’t need</em> to do about the recent Facebook security breach:</h3>
<ul>
<li><b>Don’t rush to change your password</b>. Passwords were not affected by the breach, so they’re as safe as you’ve made them.</li>
<li><b>Don’t panic</b>. Even if you find yourself logged out of Facebook for some reason, Facebook says there’s no need to worry: it will already have reset the authentication token for you so that nobody but you can gain access to your account. You’ll need to log in again by entering your password and 2FA code (if you have enabled it), but that’s all.</li>
<li><b>Don’t delete your Facebook account.</b> Of course you can always do that, but this breach is not a reason to be quite that worried.</li>
</ul>
<h3>Here’s what actually happened</h3>
<p>On September 28, Facebook published <a href="https://newsroom.fb.com/news/2018/09/security-update/" target="_blank" rel="nofollow noopener noreferrer">a security update</a> explaining that the company’s engineering team had <em>discovered a security issue affecting almost 50 million accounts</em>. The bottom line is that somebody performed a rather sophisticated attack that allowed them to steal 50 million user access tokens.</p>
<p>An access token is, as Facebook describes it, basically a key to your account. If a person has it, Facebook considers that person authorized to enter the account and doesn’t ask for the login, password, or 2FA code. So, having stolen 50,000,000 user access tokens, the malefactors could potentially access those 50,000,000 accounts. That doesn’t mean they got access to your passwords or somehow broke the two-factor authentication mechanism: your password is secure and 2FA is still working as intended. But a stolen token is a way to bypass those defenses, because the token is what Facebook checks once you are already logged in.</p>
<p>Facebook explains that the investigation of the incident is in its very early stages, but for now they suspect that somebody found a vulnerability in the “View as” feature and exploited it, gaining access to 50 million account tokens. That’s why they have turned the feature off, reset the user authentication tokens for those accounts, and are in the process of resetting the tokens of another 40 million users who have used the feature in the past year. The last part seems like just a precaution, but at the moment they can hardly be too careful.</p>
<p>When a token is reset, the person who holds it can no longer access the account and will need to log in again. The malefactors don’t have your login or password, so even if you were affected initially, they can no longer pretend to be you and access the account.</p>
<p>Facebook promises to update <a href="https://newsroom.fb.com/news/2018/09/security-update/" target="_blank" rel="nofollow noopener noreferrer">the post</a> once it’s clear what exactly happened and whether any of the affected accounts were somehow misused, but for now we suggest doing what we described at the beginning of this post: nothing. There’s nothing you can do at the moment, so don’t panic. When the situation clears up some more, if users can take any useful actions, we’ll let you know.</p>