Facebook revives a version of a privacy feature that it disabled last year after hackers misused it to steal users' tokens – the keys that allow users to continue to log in to Facebook without having to re-enter their password each time they use the app.
The stolen access tokens gave attackers access to all the data of the affected users, including everything that you can see, read, download or change when you log in to Facebook.
Facebook discovered the breach in September.
Initially, the company thought that 50 million accounts had been affected and set it back another 40 million as a precautionary measure. In October it reduced the number to around 30 million accounts – still a large number of users whose phone numbers, emails and other information were at risk.
Tuesday, Facebook updated its first blog post about the violation to report that it has completed a security review and re-enabled a version of the "View As" feature that was not affected by the security incident.
Today we make it easier for people to manage their publicly visible information on Facebook with two updates: … twitter.com/i/web/status/1 …
Facebook Facebook) May 14, 2019
The cruel irony of the data breach was that the whole idea of "View As" was to help people improve their privacy and security by showing them how they view the outside world.
The "View as public" feature allows people to see what their profile looks like for people they are not friends with on Facebook. Not only was the recovered version not affected by the infringement, but this version was also "considerably more popular" than Facebook's "View as Specific Person" feature, Facebook says.
The company also adds a & # 39; edit public details button & # 39; to make it easier for users to find settings that allow them to manage the profile information that the public can see.
. (tagsToTranslate) facebook (t) security threats (t) social networks (t) facebook (t) error (t) view user access tokens (t) as