Popular social networking site “Facebook” revealed to it’s users on Friday that it has been hit by security breach. One of the Facebook feature had virus that was exploited by some unknown hackers and about 50 million Facebook accounts have been affected by it and directly compromised.
About 40 million accounts have been potentially compromised. In the 50 million accounts that have been hacked, one belongs to Facebook creator and CEO Mark Zuckerberg. The account of Facebook chief operating officer Sheryl Sandberg has also been hacked.
"Three software flaws in Facebook's systems allowed hackers to break into user accounts, including those of the top executives Mark Zuckerberg and Sheryl Sandberg, according to two people familiar with the investigation but not allowed to discuss it publicly," reported a leading English daily.
The account of Mark Zuckerberg has been hacked due to the View As bug, which crept into Facebook code in 2017. Facebook says its engineers discovered the bug on September 25. It has now been fixed, and Facebook has reset the security tokens for the affected 90 million users. These users will find themselves logged out of the Facebook app and website and will have to log in again. The news was announced by Guy Rosen, VP of product management at Facebook, as well as by Mark Zuckerberg, who wrote on his Facebook page.
The news comes days after a hacker in Taiwan said that on Sunday he would delete the Facebook account of Mark Zuckerberg. The hacker had said that he would attack Zuckerberg's account live on camera and would live-stream the whole planned incident. It seemed that the hacker knew about the View As bug and would have used it to get into Facebook CEO's personal social media page. But after last night's disclosure by Facebook, the hacker abruptly called off the Sunday's activity that he had planned. The hacker, identified as Chang Chi-yuan, wrote on his Facebook page that he didn't expect his threat to Zuckerberg's account to go viral.
The full extent of the New Facebook security breach are not yet clear. "On Tuesday, we discovered that an attacker exploited a technical liability to steal access tokens that would allow them to log into about 50 million people's accounts on Facebook," Zuckerberg wrote on Friday night. "We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more."
Facebook has apologised for letting its users down. "People's privacy and security is incredibly important, and we're sorry this happened," Rosen wrote on the official Facebook blog.