By Arielle Mullen

On September 28, Facebook announced that a few days prior, their engineering team uncovered a security issue impacting nearly 50M accounts. The investigation is still underway, but it seems attackers have exploited a flaw in Facebook's code impacting the "View As" feature, allowing them to steal access tokens and take control of user accounts. 

Guy Rosen, VP of Product Management at Facebook posted an update in Newsroom announcing the vulnerability had been fixed, and that they were now working with law enforcement to investigate further. Access tokens were reset for the 50M accounts known to be compromised, with an additional 40M access tokens reset for all accounts who had used the "View As" feature within the last year. Facebook has shut off the feature until their security review is complete. 

When asked about the security breach, Facebook CEO Mark Zuckerberg expressed the usual modicum of concern, explaining:

"This is a really serious security issue, and we're taking it really seriously. I'm glad that we found this, and we were able to fix the vulnerability and secure the accounts, but it definitely is an issue that it happened in the first place."

The data breach comes at a particularly inopportune time for Facebook, as the company already faces multiple federal investigations into their data-sharing practices after the catastrophic Cambridge Analytica scandal

After Facebook came forward with their announcement about the new security breach, Senator Mark Warner, who also serves as vice chairman of the Senate Intelligence Committee called for a thorough investigation. 

"Today's disclosure is a reminder about the dangers posed when a small number of companies like Facebook or the credit bureau Equifax are able to accumulate so much personal data about individual Americans without adequate security measures. This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users."

With Facebook landing themselves in hot water time after time, it's safe to say change is inevitable for the social media behemoth. Whether these security risks will affect their current and future user base numbers however, is anyone's guess. 

Recommended for you…