- Facebook announced a major new security breach on Friday.
- 50 million users accounts were affected by the attack, in which attackers were able to take over users’ accounts.
- It’s not yet clear who’s behind the attack.
A hacker gained access to nearly 50 million Facebook user accounts by exploiting a weakness in the social network’s systems, Facebook said on Friday.
News of the cyber attack — which appears to be one of the most significant in Facebook’s history — sent shares of the company down roughly 3% in midday trading on Friday, adding to the pile of woes currently weighing on the company.
Facebook CEO Mark Zuckerberg hosted a conference call with journalists shortly after the news was announced, underscoring the severity of the situation.
“We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more,” Zuckerberg said in a blog post published on Friday.
The Silicon Valley tech firm said it discovered on Tuesday that an unknown attacker, or attackers, had taken advantage of a security flaw to take over users’ accounts.
Facebook’s VP of Product Management Guy Rosen wrote in a blog post announcing the news on Friday: “Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts.
“Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”
Facebook says it’s not yet clear who is behind the attack.
The company is holding a press call on Friday morning with the media; Business Insider will attend and update this story with more information as it becomes available.
This story is developing…