Science Matters Exposed

<Start> October 12, 2018 An Update on the Security Issue   By  Guy Rosen , VP of Product Management We have been working around the clock to investigate the  security issue  we discovered and fixed two weeks ago so we can help people understand what information the attackers may have accessed. Today, we’re sharing details about the attack we’ve found that exploited this vulnerability. We have not ruled out the possibility of smaller-scale attacks, which we’re continuing to investigate. As we’ve said, the attackers exploited a vulnerability in Facebook’s code that existed between July 2017 and September 2018. The vulnerability was the result of a complex interaction of three distinct software bugs and it impacted “ View As ,” a feature that lets people see what their own profile looks like to someone else. It allowed attackers to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are ...

<Start>     Facebook Newsroom      September 28, 2018    S ecurity Update   Security Update Additional Technical Details Morning Press Call Transcript Afternoon Press Call Transcript  Originally published on September 28, 2018 at 9:41AM PT Security Update By  Guy Rosen ,  VP of Product Management On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security. Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “ View As ” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’...