Facebook has been getting a lot of heat over giving away its users’ data. But this time they didn’t give it away willingly. The popular social media site’s network was attacked, which left the personal information of almost fifty million users vulnerable. And it gets worse from there, as third-party apps could have been affected as well, and some are claiming that their posts about the security breach are being blocked on the site. Worse still, Facebook has already picked up a lawsuit over the security breach.
Facebook Security Breach
The recent Facebook security breach is the largest in the social media giant’s history. A feature in Facebook’s code was exploited by attackers, allowing them to gain access to user accounts. While there were previous calls from. Lawmakers for the U.S. government to step in and regulate the company, this recent security breach has renewed their interest.
After mentioning that Congress needs to take action to protect Facebook users’ privacy and security, Senator Mark Warner added, “A full investigation should be swiftly conducted and made public so that we can understand more about what happened.”
Facebook claims the attackers exploited two bugs in their “View As” feature that ironically enough gives users the ability to check to see what information others can see on their page. It was meant to provide more privacy,
Additionally, there is a bug in the system that allows for video uploads to celebrate a user’s birthday. The bug allowed attackers to steal “access tokens” that are used to allow access to an account.
The hackers tried to gain access to user information, such as name, hometown, sex, etc., through these security breaches. The extent of their success is unknown. Facebook logged more than ninety users out of their accounts, causing the users to need to log in again to their accounts.
Affect on Third-Party Apps
The breach could, in essence, have far greater consequences than just Facebook accounts with the possibility that it also affected third-party apps.
“The access token enables someone to use the accounts as if they were the account holder themselves,” said Facebook’ Guy Rosen. “This does mean they could access other third-party apps using Facebook login.”
While there is no current evidence that third-party apps were affected by the security breach reset all the access tokens. While users may have to re-log in to their accounts. The accounts themselves should be secure.
Some users have reported that Facebook is preventing them from posting news stories about the security breach, one by the Guardian and another from the Associated Press.
A screenshot shows the following text: “Acton Blocked. Our security systems have detected that a lot of people are posting the same content, which could mean that it’s spam. Please try a different post. If you think this doesn’t go against our Community Standards, let us know.”
Facebook clarified the issue, stating it was a problem with the automated moderation system, not an attempt to shut down unfavorable articles regarding their company. They believe it was just posted so many times in a short time frame, that the spam filters were triggered.
Facebook Picks Up Lawsuit
Just as quickly as this was reported, some users sprang into action and filed a class action lawsuit against Facebook.
The suit was filed in California and accuses Facebook of violating the state’s unfair competition law, of negligence, and of attempting to conceal its “grossly inadequate” security measures.
While two people in particular were named as bringing forth the suit, the suit is also looking to add “all persons who registered for Facebook accounts in the United States and whose PII was accessed, compromised, or stolen from Facebook in the September 2018 Data Breach.”
There has not been any indication who Facebook believes could be responsible for this security breach, what data was stolen, or what led to their decision that there was a security breach in the first place.
Despite everything Facebook has gone through up until this point, they have been continuing on, with business as well. But will this security breach lead to them losing business? Let us know what you think about the Facebook security breach in the comments section.