Facebook

Toroid

Founding Member
Facebook discovered a security breach that effects 50 million users.
Facebook says 50 million user accounts affected by security breach
Facebook said Friday it discovered a security breach that affects nearly 50 million user accounts. The issue was found by its engineering team on Tuesday afternoon.

"We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security," the company said in a statement.

The company says hackers exploited the "View As" feature on the service. Facebook says it has taken steps to fix the security problem and alerted law enforcement.

"Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted 'View As,' a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app."

Menlo Park, Calf.-based Facebook said it is taking three steps to ensure its users accounts are safe: 1. fixing the vulnerability and informing law enforcement; 2. resetting "the access tokens of the almost 50 million accounts we know were affected to protect their security"; 3. "Temporarily turning off the “View As” feature while we conduct a thorough security review."

In addition, the Mark Zuckerberg-led company said it is taking the precautionary measure of resetting access tokens for another 40 million accounts that were "subject to a 'View As' look-up in the last year," bringing the total to 90 million accounts who will now have to log back into the service.

Zuckerberg also alerted the breach on his Facebook page.

On the conference call, Guy Rosen, VP of Product Management and the author of the aforementioned statement, said that the company is working with the FBI and said they update law enforcement "when we learn about these interactions." Facebook also said that it contacted the Irish Data Protection Commission about the breach.

Highlights from the Senate Intelligence Committee and House Energy and Commerce Committee hearings with Facebook COO Sheryl Sandberg and Twitter head Jack Dorsey, including InfoWars' Alex Jones sparring with Marco Rubio and Rep. Billy Long drowning out a protester with an auction call.

Neither passwords or credit card information were taken, Rosen said. Data that could have been taken included information that could be found using the "standard profile retrievable API," which includes data like gender, name or hometown, he said.

Zuckerberg followed that up by saying the company is "taking it really seriously," but that he is "glad that we found this and we're able to the secure accounts."

Rosen would not confirm whether the breach was state-backed, but added the hackers "did need a certain level in order for attacker not only get access but to pivot on the access tokens." Several Facebook users (including the author of this story) noticed the odd occurrence this morning and posted to social media wondering what happened.

Matt Schulz, Chief Industry Analyst at CompareCards, said the breach is another reminder to keep accounts secure.

“This breach can be yet another wake-up call for people to take their online security seriously," Schulz said in comments obtained by Fox News. "We think nothing of visiting Facebook and Instagram 10 times a day, but we feel like we don’t have enough time to take basic safety steps for our online identity.”

The news comes just days after a hacker said he was going to delete Zuckerberg's Facebook page on Sunday.

Noted Taiwanese hacker Chang Chi-yuan promised to delete Zuckerberg's account, telling his 26,000 followers that the event would be livestreamed on Facebook Live, according to The Verge.

Chang said the event would happen at Sunday at 6 p.m. local time or 6 AM EST/ 3 AM PST.

Facebook has suffered two data breaches in recent memory, including the Cambridge Analytica scandal, in which some 87 million accounts were compromised.

The Cambridge Analytica scandal caused Zuckerberg to appear before Congress, led to a drop in trust in the company amongst its users and ultimately led Zuckerberg to apologize.

Fox News' Gillian Turner and the Associated Press contributed to this report. Follow Chris Ciaccia on Twitter @Chris_Ciaccia

www.youtube.com/watch?v=BeqCEXvYMyQ
 

nivek

As Above So Below
Taiwanese hacker vows to DELETE Mark Zuckerberg's Facebook page and says he'll broadcast the takedown live on the social network on Sunday
  • Chang Chi-yuan told his 27,000 followers he would target Zuckerberg's account
  • He calls himself a 'bug bounty-hunter' who has hacked a series of companies
  • Zuckerberg has previously been targeted on Facebook, Twitter and Pinterest
4609822-6218911-image-m-12_1538142383272.jpg
 

The shadow

The shadow knows!
I personally have a dummy FB. just so I can log on.
my twins have a P.G. account. meaning Rikki and I can deactivate or edit them as we see fit. (we have done so.)
my 11 year old son does not have one.
nor will he until he is 13. Face book messenger is very bad news.
Kate got a message from a sexual predator. this was reported to the police. Face book is a great platform.
but far from safe.
 

wwkirk

Divine
Indie Hacker Gets Cold Feet on an Attack on Zuckerberg
Self-professed bug bounty-hunter Chang Chi-yuan, who ferrets out software flaws in return for cash, said on Facebook this week that he would live-stream an endeavor to delete the billionaire’s account at 6 p.m. local time from his own Facebook page.

But the lanky youngster, who turns 24 this year based on past interviews, said he’ll refrain from doing so after receiving global attention following his announcement, which was reported by Bloomberg News earlier Friday.


"I am canceling my live feed, I have reported the bug to Facebook and I will show proof when I get bounty from Facebook," Chang, who has more than 26,000 followers on Facebook, told Bloomberg News.
 

Shadowprophet

Truthiness
I think facebook sucks, Over the years for me, It's developed into a page where all the people I know like friends and family are. I've got to be fair, I can't go on to facebook and be ShadowProphet, No, All my friends and all my family are there, To everyone on FB, I'm just Darren Bray, The guy who they all know everything about down to the last flaw.

Can I approach someone on Facebook with a scientific theory I have been working on? No, Because they all remember when I was seven and got covered in leeches that time I swam in the neighbor's pond...

Facebook is a strange concept, They take everything about a person that motivates them to move out on their own and create their own lives, And they force-feed that environment to you, And People somehow, like that? Sigh....

I love my family and friends don't get me wrong, But a great portion of the reason I moved out on my own was to get the fuck away from those people. :/

I may be cynical But I own up to it :/
 

nivek

As Above So Below
Facebook’s ‘Fake News’ Crusade is a Fraud: Now Partners in Propaganda with U.S. Government

21-Facebook-ghost-censorship-copy-610x413_2.jpg


They tell us we’re facing a ‘crisis of democracy’ and that it’s all to do with plague of fake news.There is a crisis, but it’s not ‘fake news’ – it’s a crisis of authoritarianism. If left unchecked, it will introduce some disturbing implications for western democracies, but also for humanity in general, because when Silicon Valley firms impose their rigid regimes of censorship, it’s not only content for the American market which is being ‘disappeared’ – it’s being wiped globally.

This is a level of control and corruption which the world has never experienced before. Corporate technocrats and their automated algorithms are making arbitrary decisions which dictate which pieces of communication or user accounts are allowed to exist, and which of ones cannot.Invisible technocrats curating your news feeds, and deleting accounts on a whim, or worse – deleting them at the direction of governments. This is Kafka going global.


.
 

wwkirk

Divine
Hackers stole details of 29 million users in Facebook breach
"On Friday, the company revealed that stolen data on 14 million users included birth dates, employers, education and lists of friends. For 15 million users, it was restricted to just name and contact details.

"All of those could help a fraudster pose as Facebook, the employer or a friend. They could then craft a more sophisticated email aimed at tricking users into providing login information on a fake page or into clicking on an attachment that would infect their computers."
 

wwkirk

Divine
This seems rather suspicious, no?
The FBI Doesn’t Want Users To Know Who Hacked Facebook

'Hackers took advantage of an intersection of three different and distinct bugs in Facebook’s website to gain “access tokens” to users’ accounts, according to Guy Rosen, the vice president of product management at Facebook.

“We’re cooperating with the FBI, which is actively investigating and asked us not to discuss who may be behind this attack,” Rosen wrote in a post entitled “An Update on the Security Issue.”"
 

Toroid

Founding Member
Facebook unveils its biggest redesign yet in shift toward 'privacy focused' future | Daily Mail Online
Facebook debuted a major overhaul of the main app with a new logo and design
  • Mark Zuckerberg also detailed the firm's 'privacy-focused vision' for the future
  • Encryption is coming to Messenger, while private groups are now a bigger focus
  • This protects users' messages from the prying eyes of Facebook or governments
  • Other updates include 'Project Lightspeed' and a web version of Messenger
  • Facebook Dating is also rolling out more widely with a 'Secret Crush' feature

www.youtube.com/watch?v=hYAs9htk6xU
 

nivek

As Above So Below
Daily-Beast-Facebook-No-Comment.jpg


Fake News Media Archives - Big League Politics

Facebook has thus far not commented to Big League Politics regarding the assistance they provided Daily Beast journalist and former convicted hacker Kevin Poulsen in doxxing the formerly private citizen who shared the viral meme of House Speaker Nancy Pelosi appearing to speak even less clearly than usual.

Poulsen bragged about receiving private information directly from Facebook about Shawn Brooks, the man who uploaded the viral video of Pelosi that was slightly edited to make her appear less coherent than usual from big tech platform Facebook in his hit piece.

But a Facebook official, confirming a Daily Beast investigation, said the video was first posted on Politics WatchDog directly from Brooks’ personal Facebook account.

From this it is unclear exactly how much information Facebook provided about Brooks, but it appears Facebook may have completely outed Brooks’ identity.

Facebook has a history of compromising user data through leaks and accidental overreaches of third party application developers, but this may represent the first time Facebook has ever willingly turned over user data.

It is not entirely clear whether Facebook furnished Poulsen, a former black hat hacker who fled charges after he “was indicted on 19 counts of conspiracy, fraud, wiretapping and money laundering,” with the information regarding his identity, and thus far Facebook has declined to provide comment to Big League Politics.

In Poulsen’s article, he writes that “According to the [Facebook] official, there were indeed six other accounts registered alongside Brooks as page administrators,” and goes on to say that “the company determined last week that all six of them were controlled by Brooks.”

This would appear to suggest Facebook provided a great deal of information to Poulsen that he would otherwise have had little access to.

In Poulsen’s previous life as a hacker, he was accused of compromising the systems of a popular radio station, stealing private communications from a Hollywood actress, conspiring to steal United States military intelligence, and cracking the systems of the FBI and United States Army. He eventually was caught, and convicted on several of the these crimes. Poulsen served five years in prison and several more on probation. Poulsen was not allowed access to the Internet until his probation officer relented in 2004.

This event is eerily similar to a previous incident in 2017, when CNN threatened to dox a Twitter user who uploaded a video of President Donald Trump body slamming CNN. This may represent a new pattern of the media declaring war against private citizens who create content not approved by the fake news media.

.
 

nivek

As Above So Below
Facebook lawyer says 'there is no privacy,' hinting at the challenges of Zuckerberg's pivot

A lawyer for Facebook argued on Wednesday that its users had no expectation of privacy when using the social network, pushing for a judge to throw out a class-action lawsuit related to the Cambridge Analytica scandal.

“There is no invasion of privacy at all, because there is no privacy,” on Facebook or any other social media site, company attorney Orin Snyder told U.S. District Judge Vince Chhabria.

.
 

coubob

Celestial
Facebook jail. for an exchange with my liberal cousin ,i stated i didnt care if omar was rep, dem. ind, or whatever she didnt belong in any seat in politics.
 
Last edited:
Top