Facebook faced one of its biggest security breaches this week where over 50 million accounts were hacked.
The breach was discovered on Tuesday and the company had informed the police.
At a press conference that was also attended by CEO Mark Zuckerberg, Guy Rosen, the Vice-President of Product Management said that a feature was added to the software for a video function in July 2017.
The vulnerability had already started affecting the system when the company discovered unusual activities such as a spike in the number of users. The company discovered a breach on September 25th and fixed it in two days.
The current security breach is being looked into and as a precaution, all the affected accounts have been reset along with 40 million more, Rosen said according to BBC
Current security breach
The vulnerability impacted the Facebook's 'View as' feature which lets people see how their profile would appear to others.
The attackers could access user accounts through digital tokens (equivalent to passwords or keys) by taking advantage of the vulnerabilities in the functions.
Digital tokens keep the apps logged in the background. With this, users need not log into the app every time they open it.
This breach will give the hackers user information as well as access to third-party sites like Instagram, Tinder, Airbnb.
"So the vulnerability was on Facebook, but these access tokens enable someone to use [a connected account] as if they were the account holder themselves — this does mean they could have access other third party apps that were using Facebook login," Facebook Vice President of Product Management Guy Rosen reports TechCrunch.
What to do to protect your Instagram account from the security breach?
Open Instagram, go to settings, open Linked accounts, remove Facebook from the linked accounts.
Wait for a while and re-link Facebook.
How to know if your account has been affected?
People who were potentially affected by the breach would have found that they were logged out fo their accounts on Friday afternoon and would have had to log back in.
Other giveaways that will tell you that you might be a victim are if your password, date of birth, name have been changed.
When you notice that there are messages from your account you have not sent and posts you did not write.