Slashdot Mirror
Facebook Finds 'No Evidence' Hackers Accessed Connected Apps (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Facebook has said it's found "no evidence" that third-party apps were affected by the data breach it revealed last week. Hackers stole account access tokens on at least 50 million users by exploiting a chain of three vulnerabilities inadvertently introduced by Facebook last year. Another 40 million also may have been affected by the attack. Facebook revoked those tokens -- which keep users logged in when they enter their username and password -- forcing users to log back into the site again. But there was concern that third-party apps, sites and services that rely on Facebook to log in -- like Spotify, Tinder and Instagram -- also may have been affected, prompting companies that use Facebook Login to seek answers from the social networking giant. "We have now analyzed our logs for all third-party apps installed or logged during the attack we discovered last week,â said Guy Rosen, Facebook's vice president of product management, in a blog post. "That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login. Any developer using our official Facebook SDKs -- and all those that have regularly checked the validity of their users' access tokens -- were automatically protected when we reset people's access tokens."
Furthermore, Rosen said that not all developers use Facebook's developer tools, so the social network is "building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out."
Furthermore, Rosen said that not all developers use Facebook's developer tools, so the social network is "building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out."
Keeping Dimtards at the lowest level of information as possible.
If you decide not too look too hard.
And yet there are Facebook accounts allegedly from this breach available for sale on the dark web.
Technically Facebook 'didn't find evidence' of 3rd part app access, but may I point to the front door being left open? No need to enter via a window.
Facebook account takeover gives access to all the sites that (only) log in using a Facebook account.
... did not rape and eat babies.
Even though "Anonymous sources say...". ...".
And now that I "reported" it a thousand times "Amerika agrees, that
And if I am caught lying, then "A study finds that it was Russian hackers".
Somebody should make a game out of this. Using only real headlines with placeholders. :)
Surely all my eggs will be safe in this basket!
We looked at ourselves and found nothing wrong!
a) hell no
b) hell yes
c) baaaaaa (for all the sheeple)
d) undecided
e) Ill follow cowboy Neil's lead.
Why would it lie?
Oh $Wait$
Just increases the degree of incompetence displayed...
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Yet. How fast can they actually check ALL the logs?
Someone should force them to pay a third party to read their logs, and publish their results.
Their failure to find evidence doesn't mean that it didn't happen.
There was a breach and they don't have a clue. Good hackers cover their tracks.
Is there something worse that hackers could do that isn't a data mining product that Facebook is selling their customers?
>>"ad space available -- low rates!!!"
For +200K per year I would know where not to look.
They were quite good hackers probably funded by a Government.
If anyone claims otherwise they are LIYING! #MAGA