Facebook made a new announcement today regarding the hack that he confirmed on Friday, then saying that the data of 50 million users were accessed by hackers, although he had logged out of 90 million people's accounts. Today the people from Facebook returned to the announcement, and confirmed the fact that the problem is much, much bigger than initially thought, affecting a much larger range of websites on the Internet.
Facebook stated that all the websites where its users logged in using the social network account, became automatically vulnerable, hackers being able to log in without problems in those accounts using the vulnerability in the Americans' platform. Basically, if you use your Facebook account to log in to Instagram, then the hackers could access and control your Instagram account through Facebook, without you knowing what is really happening.
Facebook: ATTENTION, the HACK is MORE SERIOUS than announced
Facebook has reset all the tokens that allowed logging into various websites using an account from its platform, but it is hard to say if this solves the problem, and hackers will not be able to use the old ones in the future. Practically, any website that allows logging in through Facebook was, and maybe even still is, affected by this problem, user data being accessed, or even extracted by hackers, but no one knows exactly how long this has been happening.
"Beyond the impact on Facebook accounts themselves, the company confirmed that the breach affected Facebook's implementation of Single Sign-On, the practice that allows you to use one account to sign in to other websites. The idea is to use a trusted service like Facebook, Google, Twitter and so on to connect to sites and services on the web, rather than creating a unique profile for each one.”
Basically, Facebook had a huge security breach that was exploited using three existing vulnerabilities in the social media platform, which were apparently blocked by the American company. Despite this, Facebook users are left with a lot of questions, and they can think that they can be exposed to a similar attack at any time again, as long as those from Facebook do not seem to be able to really protect their data.