Facebook security issue affecting 50 million people would have let hackers login to your account
https://www.theverge.com/2018/9/28/17914524/facebook-bug-50-million-affected-security-token-access-view-as-feature
Facebook this morning disclosed a widespread security flaw that could have allowed hackers or other malicious third parties to access an affected users account by gleaning their security token. The flaw affected as many as 50 million people, and Facebook says it’s forcibly making around 90 million users log back into their accounts in full today to be safe. It also says its fixed the issue and alerted law enforcement, indicating this may not have been an accidental engineering mistake, but a purposeful exploit discovered and potentially used by some third party organization or hacker.
The company says its engineering team was made aware of the issue on September 25th, but Guy Rosen, Facebook’s vice president of product management, says it’s not clear whether accounts were compromised or who might have been behind any malicious activity related to the security issue.