The Latest: Security expert calls Facebook hack serious

NEW YORK (AP) — The Latest on Facebook security breach (all times local):

2 p.m.

One security expert says the hacking attack on Facebook is serious — but only Facebook knows how serious.

Jake Williams, the president of Rendition Infosec, says the log-in keys that hackers got on some 50 million user accounts would likely allow hackers to view private information and post on other people’s behalf. He says access could also extend to other Facebook apps, such as Messenger.

He says the bigger concern is whether this could affect third-party applications since so many people let other sites log them in with their Facebook credentials.

But he says the log-in keys, called access tokens, wouldn’t let hackers get the users’ actual passwords. Facebook is saying there’s no need for users to reset passwords.

Facebook disclosed the breach Friday.

___

1:50 p.m.

Facebook is saying the security breach affecting 50 million user accounts required some sophistication.

Facebook executive Guy Rosen says hackers exploited three distinct bugs to access the accounts. He says hackers needed to not only steal log-in keys but know how to use them.

Facebook says hackers got those keys, called access tokens, through Facebook’s “View As” feature, which lets people see what their profiles look like to someone else. These tokens keep people logged in so they don’t have to re-enter passwords each time.

The company says it started investigating when it noticed increased user access to the service nearly two weeks ago. Facebook says the FBI has been notified in the U.S., as have Irish data protection officials for the European Union.

___

1:25 p.m.

Facebook CEO Mark Zuckerberg says the company doesn’t know yet whether hackers who had exploited a security vulnerability have misused any of the user account information.

He says there’s no evidence yet that hackers used the vulnerability to see other people’s private messages or posts or to post on those accounts. But Facebook says the investigation is continuing.

Facebook says it recently discovered a security breach affecting nearly 50 million user accounts.

In a blog post, the company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.

___

1:10 p.m.

Facebook says it recently discovered a security breach affecting nearly 50 million user accounts.

In a blog post, the company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.

To deal with the issue, Facebook reset some logins, so 90 million people have been logged out and will have to log in again. That includes anyone who has been subject to a “View As” lookup in the past year.

Facebook says it doesn’t know who’s behind the attacks or where they’re based.

The hack is the latest security headache for Facebook, which has been dealing with political disinformation campaigns from Russia and elsewhere since 2016.

Categories: National & International News