Facebook has revealed that it has discovered a potentially serious security flaw in the implementation of the user-facing ‘View As’ feature that allows you to see your profile as it may appear to others or the general public .through an official blog site
It has found that the loophole may have been introduced back in July 2017 via the addition of a new video player and hackers may have been able to get their hands on the ‘access tokens’ (digital login information) of up to 50 million profiles. The social media giant was made aware of the hack on 25th September, over 2 years post the vulnerability may have been introduced on the platform.
Facebook `s Action
The social media giant, in its blog post, said that it has patched up the security issue and informed the necessary law enforcement agency of the same. It has also taken steps to ensure the safety of its humongous userbase and is forcing them to relogin into their accounts. The social media giant is also asking 40 million more users to re-login as they have used the ‘View As’ feature over the past couple of years.
The lawsuit has been filed by Carla Echavarria and Derick Walker respectively in the U.S District Court for the Northern District of California. They’ve both alleged that Facebook’s lack of security has exposed their personal info, increasing the chance of identity theft. It has further been stated that the social networking giant is involved in “unlawful business practices, deceit by concealment, negligence, and is in violation of California’s Customer Records Act.”