On Friday, Facebook revealed that it was the victim of a hack that affected nearly 50 million accounts and left 40 million others at risk.
The company determined that hackers had “exploited a vulnerability in Facebook’s code” which allowed them to take over users’ accounts. The breach, discovered Tuesday, could allow attackers to take over the accounts of affected users. Facebook said it resetted acces to hacked accounts. CEO Mark Zuckerberg described the breach as an “attack” and mentioned that those responsible had attempted to query Facebook’s database for personal information. Is was yet unclear if any accounts were misused or if any information was accessed.
Facebook said it had fixed the vulnerability and notified law enforcement officials. The situation is being investigated but the company’s internal investigation “is still in its early stages. The company is working alongside law enforcement and the FBI to gather more information.” The vulnerability allowing the exploit, according to Facebook, “stemmed from a change we made to our video uploading feature in July 2017.” The origin or identity of the attackers are not known. After the incident was made public, Sen. Mark Warner, co-chair of the Senate Cybersecurity Caucus, appreciated that „this is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users.”