Facebook says hackers didn't access any third-party app
San Francisco, Oct 3 : Tendering a fresh apology in the data breach that affected 50 million users, Facebook has said that a detailed investigation found no evidence that the hackers accessed any third-party apps using Facebook Login.
In the biggest-ever security breach after Cambridge Analytica scandal, Facebook last week admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys.
"We have now analysed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login," Guy Rosen, Vice President of Product Management at Facebook, said in a statement late on Tuesday.
Rosen said Facebook has fixed the vulnerability and reset the access tokens for a total of 90 million accounts -- 50 million that had access tokens stolen and 40 million that were subject to a "View As" look-up in 2017.
"Resetting the access tokens protected the security of people's accounts and meant they had to log back in to Facebook or any of their apps that use Facebook Login," the Facebook executive said, adding that "we're sorry that this attack happened".
Any developer using official Facebook SDKs -- and all those that have regularly checked the validity of their users' access tokens - were "automatically protected when we reset people's access tokens".
"However, out of an abundance of caution, as some developers may not use our SDKs, we're building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out," said Rosen.
The social media giant recommends developers stick to its Login security best practices like using official Facebook SDKs for Android, iOS and JavaScript, using the Graph API to keep information updated regularly and log users out of apps where error codes show that any Facebook session is invalid.
Ireland's Data Protection Commission, which is Facebook's lead privacy regulator in Europe, has asked Facebook to submit more details in the incident where data of over 50 million users were hacked.
The privacy watchdog could fine Facebook as much as $1.63 billion for the data breach.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
RCB beat MI by 18 runs after batters fire
Mumbai (PTI): Royal Challengers Bengaluru skipper Rajat Patidar, Phil Salt and Virat Kohli blasted half-centuries as the defending champions beat Mumbai Indians by 18 runs in an Indian Premier League match here on Sunday.
Salt (78 off 36 balls) and Kohli (50 off 38 balls) stitched together a 120-run stand for the opening wicket before Patidar scored a rapid 53 off just 20 balls as RCB posted 240 for 4.
In response, Mumbai Indians were restricted to 222 for 5, with RCB spinner Suyash Sharma (2/47) putting the skids on the home side with a double strike in the eighth over, from which they could not recover.
Sherfane Rutherford top-scored for MI with an unbeaten 71 off 31 balls.
While opener Rohit Sharma appeared to be struggling with a hamstring issue and had to retire hurt on 19, his partner Ryan Rickelton made 37, while Suryakumar Yadav (33) and Hardik Pandya (40) were the other contributors for MI.
Brief scores:
Royal Challengers Bengaluru 240 for 4 in 20 overs (Phil Salt 78, Virat Kohli 50, Rajat Patidar 53, Tim David 35 not out).
Mumbai Indians: 222 for 5 in 20 overs (Sherfane Rutherford 71 not out, Ryan Rickelton 37, Hardik Pandya 40; Suyash Sharma 2/47).
