AfterDawn: Tech news

Facebook: Hacked logins not used on third-party sites

Written by James Delahunty @ 03 Oct 2018 7:04 User comments (1)

Facebook: Hacked logins not used on third-party sites

Facebook has some reassuring news for the up to 50 million users affected by a data breach disclosed last week by the social media giant.
Last week, Facebook disclosed that a data breach affected up to 50 million users of its social network. The news set off alarms all over and concerns about how the stolen data may have been used, or is being used. One possibility is that hackers had used the "Facebook Login" feature to access third-party websites for which users signed in with their Facebook credentials.

Thankfully, there is not yet any evidence that this is the case.

"We analyzed third-party access during the time of the attack we have identified. That investigation has found no evidence that the attackers accessed any apps using Facebook Login," Facebook security VP, Guy Rosen, told the Reuters News Agency.



Facebook set out the possible negative consequences of the data breach in full when it disclosed it last week. This is thought to be due to the European Union's GDPR regulation, which would have imposed heavy penalties on Facebook if it was found to have failed to give a full picture to affected users. However, a side effect of this well-meaning and reasoned regulation is that Facebook painted the worst possible scenario after the disclosure.

For this reason, some security experts have criticized the 72-hour window imposed by GDPR to disclose everything, arguing that it doesn't provide enough time to assess the impact of the breach.

More than 42,000 websites allow users to login using their Facebook account, so the initial revelation that the stolen data could have been used to access those sites sent shockwaves. Alas, at present, there is no evidence that the data was misused in such a way.

Tags: Facebook
Previous Next  

1 user comment

13.10.2018 21:21

However, it is possible that the hacked logins could be used on the dark web which can be very difficult to trace.

Comments have been disabled for this article.

News archive