Another Facebook Security Incident

Here we are again, in the midst of another Facebook security incident. It was announced in late September that 50 million users had their accounts compromised and an additional 40 million accounts were reset as a precaution. The investigation was in its early stages then, but Facebook announced that they knew that hackers exploited a vulnerability in the View As feature that allowed them to steal access tokens. Access tokens are “digital keys” that allow users to stay logged in to Facebook rather than re-enter their password before each session. They fixed the issue and continued their investigation to determine the hacker’s identity and if/when/how this stolen information was misused.

In a recent update, Facebook says of the 50 million accounts they originally believed were affected, only 30 million users actually had their tokens stolen. This update also included details on the timeline, how the attack was perpetrated, and how to check if your account was involved in the breach. It was further noted that the attack did not affect Messenger, Facebook’s private message application.

Now that we have more information, what do we do with it? Some have decided to leave Facebook altogether to protect their privacy. It is a truly personal decision, with each individual weighing the risks and benefits. If you choose to stay on Facebook, be sure to check your Facebook settings and perform Privacy Checkups regularly.

To check your settings, login to Facebook and click the down arrow as shown below.

Facebook settings

Click Privacy from the Settings tab and review what you share and who can contact you.

Facebook settings 2

To perform a Privacy Checkup, click the question mark on the top toolbar.

Facebook settings 3

Follow the prompts that take you through privacy decisions about your posts, profile, and third party apps and websites.

Facebook settings 4

Digital theft and crime will only continue to grow as the world becomes more dependent on the internet. In the digital age, our personal data is currency and we must do what we can to protect it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s