Facebook has announced the discovery of a security issue affecting almost 50 million accounts. While Facebook’s investigation is still in its early stages, it has confirmed that suspected malicious actors exploited a vulnerability in Facebook access tokens. These tokens are effectively digital keys that allow users to remain logged into Facebook and avoid re-entering their password.

‍

Facebook have taken steps to contain the incident, including fixing the vulnerability and resetting access tokens for affected (and potentially affected) users. If you have been logged out of Facebook automatically, this suggests Facebook have taken containment steps in relation to your user account. Facebook are advising that users need not change their passwords at this stage.
‍

Facebook will provide further updates as the circumstances of this security issue continue to unfold. In the interim, users may consider taking the following precautionary steps to protect their personal data.

If you have not been logged out of Facebook automatically, you can do so through your security settings by selecting the one-click option to log out of all locations.
While the circumstances of the security issue remain under investigation, there are reports that third party applications may have been impacted. Users may therefore consider logging out of all third applications linked to your Facebook login credentials and also turning off Facebook’s integration with third party applications by visiting Apps and Websites in your security settings.
Always carefully consider the personal data that you share on Facebook and other social media channels. This is also an opportune time to revisit your Facebook privacy settings.
Consider adopting two-factor authentication when logging into your account. This option may be activated from the security and login section in your security settings.
If it sounds like a scam, be sure to pick the phone and talk to the person who is messaging you or asking to connect with you on Facebook.

IDCARE is Australia’s national identity and cyber support service. We will continue to keep you updated as further information becomes available.

‍

BACK TO LATEST NEWS

Other News

IDCARE is always active in the media from radio to TV, social media and news articles. Keep up to date with what's happening at IDCARE and in the media.

Unmasking Gen-Z Scams, Deepfake Dangers, Rental Cons, and the Truth About Marketplace Fraud

The costly scam costing businesses huge $$$$$

What you need to know before investing in cryptocurrencies

The Cyber Sushi… (serving up the cold facts, with some phish bytes)

Behind the mask: Unveiling the new and the trending scams in the fortnight

CONTACT US

IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.