Facebook has discovered a security breach where hackers were able to access user information allowing them to take over as many as 50 million accounts, the company announced on Friday.
In a blog post by the company, it announced that its engineering team found attackers had found a weakness in the company’s code with respect to its ‘view as’ feature.
This feature allows users to see their profiles as other users (depending on their privacy options) on the social networking site.
This security breach allowed cybercriminals to access digital keys or ‘tokens’, which let people stay logged on Facebook without having to re-enter their username and password.
According to the company, almost 50 million accounts were affected and had their access tokens reset. It also reset an additional 40 million accounts as a precautionary measure, for a total of 90 million accounts.
Facebook, which was already trading down about 1.5 per cent before the announcement, extended losses to as much as 3.4 per cent after the disclosure today.
According to the New York Times, to contain the fallout, Facebook said it has instituted strict data-sharing policies with third-parties and has scaled back the amount of data it would share with developers in the future.
The company suspended access to more than 400 third-party apps after an audit of the thousands of outside apps connected to Facebook.