Facebook announces the results of its investigation into the leak of personal information of 50 million people, and there is a way to check whether you were affected

Facebook has announced the findings of its investigation into the incident in which access tokens for 50 million Facebook accounts were stolen, allowing unrestricted access to those accounts.

An Update on the Security Issue | Facebook Newsroom

On September 25, 2018, Facebook reported that it had discovered a security breach affecting about 50 million users. The vulnerability existed in the tool that lets a user check how their own profile appears to other users. Through it, the "access token", a digital key that spares users from logging in again when they use Facebook-related services in an application or the like, was obtained, and personal information such as names, profile photos, and friends lists was accessed.

Security leaks affecting 50 million users on Facebook are discovered, users' access tokens are stolen - GIGAZINE

According to Facebook, the company began investigating after detecting an abnormal increase in activity from September 14, 2018. On September 25, it confirmed that the activity was an attack and identified the vulnerability behind the incident. It eliminated the vulnerability by modifying the source code within two days, and the attack stopped. In addition, Facebook took measures to contain further third-party access by resetting the access tokens of users who may have been targeted.

Facebook is cooperating with the FBI (Federal Bureau of Investigation) investigation into this matter, and states that, at the FBI's instruction, it will not disclose information about who may be behind the attack.

In addition, although tokens for 50 million people were originally thought to have leaked, the actual number turned out to be smaller, at 30 million. The attacker first accessed the account of the first target, followed friends from there with an automated system, and ultimately obtained access tokens for 400,000 people. At this stage, information such as the posts and friends lists shown on the timeline, the groups the users belonged to, and the people they had recently talked with on Messenger appears to have leaked. The content of Messenger conversations was basically not visible, but if the account owner was an administrator of some group and the conversation was a recent Messenger exchange, the contents may have leaked.

Using the friends lists of those 400,000 accounts as a starting point, the attacker then obtained access tokens for 30 million people. For 15 million of them, it is highly likely that two kinds of information leaked: name and contact information (phone number, email address, etc.). For another 14 million, in addition to those two kinds of information, more detailed information is believed to have leaked: username, gender, the locale and language of the account, relationship status, religion, hometown, place of residence, birthday, information on the devices used, education, work, and the 10 places most recently checked in to. For the remaining 1 million people, access to personal information has not been confirmed.

Facebook provides a page that lets users check whether their account was affected.

An important update about Facebook's recent security incident | Facebook Help center

At the bottom of the page, a message indicates whether your account was affected. For the account of one of our editorial staff, the message "Your Facebook account has not been impacted by this security incident." was displayed. Anyone who is concerned may want to check just in case.

in Web Service,   Security, Posted by darkhorse_log