Facebook account data breach
Facebook notified users of a biggest facebook account data breach on over 50 million user’s account. It happened on 25th September and later facebook engineering team detected it.
Facebook told they still don’t know that what kind of data breached as their investigation is still in early stage.
How to know if your account data also breached?
If your account have been affected then facebook logged you out of your account after detecting it. Also facebook informed users in their news feed that what happened with their account. But If you were logged out from your account automatically then it doesn’t mean that your data is also breached, facebook also logged out those accounts who were using “view as” feature.
How did all this happen?
Attackers exploited a feature called “View as” in facebook. That allows users to see what their profile look like to someone else. Attackers stole access token by using this feature and used it to log in to their account. Access token is like a digital key that keep user logged in without entering password again.
Did facebook fixed this issue?
Yes, facebook said that first they fixed this issue and informed to law enforcement agency. After that they have reset access token of 50 million users that they know were affected. Also they have reset access token other 40 million users who were using view as feature. Now all users can log in back to their account.
How to secure your facebook account?
However facebook said that users don’t need to change their password but to make your account’s security strong you can do following things:
1. Change your password and make it more stronger
2. Activate 2 step verification in facebook account setting
3. Remove apps that using facebook login, to do this go to settings then apps and websites then logged in as facebook, there you can see all apps where you logged in by using facebook. Remove all apps and you can log in back to your important and trusted apps/website again.
4. Logged out from all places from security and log in section in settings.
You can also delete you facebook account from settings if you are not using it or disable it.
I hope you like this article, in you want me to improve anything then please write in comment section below, I would love to read your comments and will take your advice seriously.