The social network Facebook has been hacked. A security breach has affected more than 50 million accounts worldwide. Explanations.
Some 50 million Facebook accounts have been hacked because of a security breach, a large-scale attack that is reviving criticism of the social network that has already been severely undermined by controversies, particularly around the protection of personal data.
This ubiquitous blunder, whose social network is still trying to determine the exact scope, is due to a “flaw” that was “repaired yesterday (Thursday) evening,” according to Facebook boss Mark Zuckerberg, during a conference call Friday.
“We do not know if these accounts were used in a malicious way,” he said, adding that investigations were under way to find out exactly what data hackers had access to and what they had done.
Despite numerous questions from journalists, Facebook officials did not say how long the computer attack lasted.
This revelation appears as a new ball at the foot of the group and its all-powerful CEO, who has already had to face this week the surprise departure of the two leaders of its affiliate Instagram.
Access to personal information
And critics have not been long in coming: Mark Warner, Democrat of Virginia, has described the hacking as “deeply disturbing,” calling on Congress “to take steps to protect privacy and user safety.” “.
More soberly, Rohit Chopra, a member of the US Trade Regulatory Agency (FTC), asked for “answers” via his Twitter account.
According to Facebook, “almost 50 million accounts were assigned directly”, the hackers were able to access the information of profiles (names, gender, city …) by the functionality “See as,” which allows to look at his own profile as if we were another user.
Uncertainty remains about 40 million more accounts, for which the feature has been used recently, said Facebook officials.
Can be 90 million accounts affected?
In doubt, the group disconnected in the night from Thursday to Friday the 90 million accounts concerned , forcing their holders to reconnect manually.
According to Mark Zuckerberg , the flaw and the attack were discovered on Tuesday, following an internal investigation launched on September 16 after the discovery of a spike in connections. As for the vulnerability that served as a gateway for hackers, it dates back to July 2017 when a video function on the platform was updated.
It is thanks to the “combination of three bugs” that the hackers were able to access digital keys of connection (“tokens” in English), which allow the users to remain connected without having to enter their passwords every time , explained Facebook.
The hackers “could use the account as if they were the owners”
Above all, the “hackers ” could “use the account as if they were the holders,” noted Guy Rosen, in charge of “Product Management” and therefore for example connect to other applications or websites via the hacked accounts.
“We are sorry,” he added, not knowing who was behind the attack.
However, according to initial findings, hackers did not seem to access private messages or posted publications while passwords were not compromised, nor banking information, assured the company.
Facebook’s WhatsApp mail users have not been affected , she added in a tweet.
Trust is eroding with Facebook
This additional blunder is likely to further shake the confidence of users, already undermined by several scandals around Facebook, which is experiencing the worst crisis in its young history.
The group is criticized for having served as a platform for political manipulation, especially during the 2016 US presidential campaign, or for letting the data of tens of millions of users go unnoticed to the British firm Cambridge Analytica.
Despite repeated apologies from his leader, including in front of the US Congress, the image of Facebook, born in 2004, came out largely tarnished.
And while the scandals had long spared his finances, the giant was hit by a stock market in July after announcing a quarterly turnover and a number of users considered disappointing.
In addition to these scandals, Facebook, whose title ended down 2.6% Friday on Wall Street , had warned two years ago that its exponential growth would slow down.
Beyond Facebook, all technology platforms (Twitter, Google …) are criticized for their management of personal data, the foundation of their business model.
“Too much is too much,” Friday’s Fight for the Future advocacy organization called on legislators to legislate.
Facebook’s hack is the latest in a series of massive attacks in recent years, including Yahoo, Uber, or the US credit bureau Equifax.