(CNET) – Facebook on Friday said a breach affected 50 million people on the social network.
The vulnerability stemmed from Facebook’s “View As” feature, which lets people see what their profiles look like to other people. Attackers exploited code associated with the feature that allowed them to steal “access tokens” that could be used to take over people’s accounts.
While access tokens aren’t your password, they allow people to log into accounts without needing it. As a precautionary measure, Facebook logged about 90 million people out of their accounts, the company said.
The social network said it discovered the attack earlier this week and informed law enforcement. The company said the investigation is in the early stages and Facebook does not yet know who was behind the attacks.