Monday December 17, 2018
Home Lead Story Hackers Didn&...

Hackers Didn’t Access Any Third-party Apps: Facebook

The privacy watchdog could fine Facebook as much as $1.63 billion for the data breach

0
//
Facebook
Irish watchdog opens inquiry into latest Facebook privacy breach. Pixabay
Republish
Reprint

Tendering a fresh apology in the data breach that affected 50 million users, Facebook has said that a detailed investigation found no evidence that the hackers accessed any third-party apps using Facebook Login.

In the biggest-ever security breach after Cambridge Analytica scandal, Facebook last week admitted that hackers broke into nearly 50 million users’ accounts by stealing their “access tokens” or digital keys.

“We have now analysed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login,” Guy Rosen, Vice President of Product Management at Facebook, said in a statement late on Tuesday.

Rosen said Facebook has fixed the vulnerability and reset the access tokens for a total of 90 million accounts — 50 million that had access tokens stolen and 40 million that were subject to a “View As” look-up in 2017.

Facebook
This Feb. 19, 2014, photo shows a Facebook app icon on a smartphone in New York. VOA

“Resetting the access tokens protected the security of people’s accounts and meant they had to log back in to Facebook or any of their apps that use Facebook Login,” the Facebook executive said, adding that “we’re sorry that this attack happened”.

Any developer using official Facebook SDKs — and all those that have regularly checked the validity of their users’ access tokens – were “automatically protected when we reset people’s access tokens”.

“However, out of an abundance of caution, as some developers may not use our SDKs, we’re building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out,” said Rosen.

Facebook
Facebook, social media. Pixabay

The social media giant recommends developers stick to its Login security best practices like using official Facebook SDKs for Android, iOS and JavaScript, using the Graph API to keep information updated regularly and log users out of apps where error codes show that any Facebook session is invalid.

You May Also Like to Read About- A New Planet Dwarf Planet Discovered Beyond Pluto

Ireland’s Data Protection Commission, which is Facebook’s lead privacy regulator in Europe, has asked Facebook to submit more details in the incident where data of over 50 million users were hacked.

The privacy watchdog could fine Facebook as much as $1.63 billion for the data breach. (IANS)

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

Irish Watchdog Opens Inquiry into Latest Privacy Breach of Facebook

The private information of Facebook users was alleged to be used to influence the US 2016 general elections in favour of President Donald Trump's campaign

0
Facebook
Irish watchdog opens inquiry into latest Facebook privacy breach. Pixabay

Ireland’s Data Protection Commission (DPC) has announced a fresh investigation into Facebook, a day after the social networking giant admitted another security breach where nearly 6.8 million users risked their private photos being exposed to third-party apps.

Facebook, which is already facing a probe from the Irish watchdog for a previous privacy leak in September that affected 50 million people, may end up with fine of 4 per cent of its annual turnover – the highest fine under the new European General Data Protection Regulation (GDPR), The Independent reported on Saturday.

In Facebook’s case, the fine could amount to nearly 1.5 billion euros.

“The Irish DPC has received a number of breach notifications from Facebook since the introduction of the GDPR on May 25, 2018,” a spokesperson for the watchdog was quoted as saying.

The fresh move came after Facebook on Friday said more than 1,500 apps built by 876 developers may have also been affected by the bug that exposed users’ unshared photos during a 12-day-period from September 13 to 25.

Facebook, in a statement, said it has fixed the breach and will roll out next week “tools for app developers that will allow them to determine which people using their app might be impacted by this bug”.

“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorised to access their photos.

Facebook, data
This photo shows a Facebook app icon on a smartphone in New York. VOA

“We’re sorry this happened,” said Facebook, adding that it will also notify the people potentially impacted by this bug via an alert.

The disclosure is another example of Facebook’s failure to properly protect users’ privacy that may drew more criticism of its privacy policy.

Earlier this month, Italian regulators fined Facebook 10 million euros for selling users’ data without informing them.

The competition watchdog handed Facebook two fines totalling 10 million euros, “also for discouraging users from trying to limit how the company shares their data”.

The Irish watchdog, which is Facebook’s lead privacy regulator in Europe, in October opened a formal investigation into a data breach which affected 50 million users.

Also Read- Prime Minister Narendra Modi Extends Condolences to France Terror Attack Victims

“The investigation will examine Facebook’s compliance with its obligation under the General Data Protection Regulation (GDPR) to implement appropriate technical and organisational measures to ensure the security and safeguarding of the personal data it processes,” said the DPC.

The world’s largest social media network has been grilled over the past year for its mishandling of user data, including its involvement in a privacy scandal in March when Cambridge Analytica, a British political consultancy firm, was accused of illegally accessing the data of more than 87 million Facebook users without their consent.

The private information of Facebook users was alleged to be used to influence the US 2016 general elections in favour of President Donald Trump’s campaign. (IANS)