Were you logged out of Facebook today? Well, you were among 90 million whose accounts were breached
San Francisco, Sep 28 : In the biggest-ever security breach after Cambridge Analytica scandal, Facebook on Friday admitted hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys.
This allowed them to steal Facebook access tokens which they could then use to take over people's accounts, Facebook said in a statement.
Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they do not need to re-enter their password every time they use the app.
"Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted 'View As', a feature that lets people see what their own profile looks like to someone else," said Guy Rosen, VP of Product Management.
Facebook security team discovered the security issue on September 25, and it has now fixed the vulnerability and informed the law enforcement.
"We have reset the access tokens of the almost 50 million accounts we know were affected to protect their security.
"We're also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a 'View As' look-up in the last year," Facebook said.
As a result, around 90 million people will now have to log back into Facebook, or any of their apps that use Facebook login.
After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.
"We're temporarily turning off the 'View As' feature while we conduct a thorough security review," Facebook said.
This attack exploited the complex interaction of multiple issues in Facebook code.
"The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens," it said.
Facebook said it does not know who is behind this massive security attack.
"We're working hard to better understand these details and "we will update this post when we have more information, or if the facts change," said the company.
In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Chhattisgarh Vedanta power plant blast: Death toll rises to 20; sixteen workers undergoing treatment
Sakti (Chhattisgarh) (PTI): The death toll in a blast at the Vedanta power plant in Chhattisgarh's Sakti district has mounted to 20 with seven more workers succumbing to injuries, while 16 others are undergoing treatment at different hospitals, officials said on Wednesday.
The deceased include six labourers from West Bengal, five from Chhattisgarh, three each from Jharkhand and Uttar Pradesh, two from Bihar, and one from Madhya Pradesh.
The opposition Congress has demanded registration of an FIR against the plant management and a judicial inquiry into the incident.
The explosion occurred on Tuesday afternoon in a steel tube carrying high-pressure steam from the boiler to the turbine at the Vedanta Ltd power plant located in Singhitarai village, leaving several workers with severe burn injuries.
According to officials, four workers died on the spot, while nine others succumbed to injuries soon after the incident.
Seven more workers have died in hospitals, raising the toll to 20, Sakti Collector Amrit Vikas Topno told PTI on Wednesday.
He said that a total of 36 workers were affected in the blast, and 20 of them died.
"Of the 16 injured workers, five are undergoing treatment in hospitals in Raipur, while 11 others are in hospitals of Raigarh, the neighbouring district of Sakti," he added.
Topno added that every possible effort was being made to provide the best medical treatment to the injured.
The deceased were identified, and their family members are being contacted. Arrangements have been made to transport the mortal remains to their native villages via ambulance following the postmortem examination and to provide immediate financial assistance, he said.
Chief Minister Vishnu Deo Sai has announced a compensation of Rs 5 lakh to the families of each deceased worker and Rs 50,000 for those injured.
Vedanta Power has also announced a Rs 35 lakh compensation for the family of each deceased worker, along with employment support.
The company will also provide Rs 15 lakh to each injured person, ensure salary continuation until recovery, and offer counselling support, a statement from the plant management said.
The chief minister has ordered an inquiry by the Commissioner of the Bilaspur division, assuring strict action against the guilty.
He directed officials to ensure free and proper medical treatment for all injured and emphasised that no negligence in their care would be tolerated.
The district administration has also ordered a separate magisterial probe, while the company has initiated its own internal investigation.
Collector Topno has appointed the Sub-Divisional Magistrate (SDM) of Dabhra to conduct the magisterial inquiry.
The SDM has been asked to submit a report within 30 days covering key aspects, including the cause of the accident, whether it was due to technical or human error, and details of safety inspections carried out at the plant.
Meanwhile, the opposition Congress has demanded registration of an FIR against the plant management and a judicial inquiry into the incident.
State Congress communication wing head Sushil Anand Shukla on Wednesday alleged negligence on the plant management's part and accused the government of attempting to shield those responsible.
He also demanded compensation of Rs 1 crore for the families of the deceased and Rs 50 lakh for the injured.
The construction of a 1,200 MW coal-based thermal power project (two units of 600 MW each) in Singhitarai, originally owned by Athena Chhattisgarh Power Ltd, started in 2009, but remained stalled between 2016 and 2022.
Vedanta acquired the plant in 2022, after which a 600 MW unit was completed and commissioned in August last year, while the second unit is still under construction.
The deceased have been identified as Amrit Lal Patel, Thanda Ram Lahre, Udhab Singh Yadav, Rameshwar Mahilange, and Nadeem Ansari (all from Chhattisgarh); Susanta Jana, Sheikh Saifuddin, Manas Giri, Kailash Mahto, Shibnath Murmu, and Dipankar Singh (West Bengal), Tarun Kumar Ojha, Abdul Karim and Ashok Parhiya (Jharkhand), Raju Ram, Pappu Kumar and Brijesh Kumar (Uttar Pradesh), Aakib Khan and Ritesh Kumar (Bihar), and Chitranjan Dhulai of Madhya Pradesh, officials said.
