(NEWS10) – Facebook announced that an attack on its network this week affected 50 million users.
According to the social network, the attackers exploited a vulnerability in its code that impacted the “View As” feature. The feature lets users look at their profiles as someone else.
Facebook says this vulnerability allowed attackers to steal Facebook access token which could then be used to take over people’s accounts. These tokens allow people to stay logged in so they don’t have to re-enter their password each time they use the app.
The social network has notified law enforcement about the incident.
“People’s privacy and security is incredibly important, and we’re sorry it happened. There’s no need for anyone to change their passwords,” Facebook said in a statement.
Facebook has reset access tokens to the individuals who were affected. Facebook says it is also resetting access tokens for another 40 million accounts that may have been subject to a “View As” lookup in the last year.
The 90 individuals will be automatically logged out and will have to log back in. Affected users will receive a notification about what happened.