Facebook just disclosed that attackers took advantage of a security issue to attack its systems, and almost 50 million accounts are affected.
The flaw, discovered on Tuesday, allowed attackers to take over Facebook users’ accounts. The company’s stock dropped 3% on the news.
“Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts,” Facebook’s VP of Product Management Guy Rosen wrote in a blog post announcing the news.
“Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”
Facebook says it’s not yet clear who is behind the attack.
It was disclosed in a blog post published on Friday. The company is holding a press call on Friday morning with the media; Business Insider will attend and update this story with more information as it becomes available.
This story is developing…