Late last week, news broke that Facebook had experienced a huge security and data breach. If you’re wondering how protect yourself from the Facebook hack, you aren’t alone. At least 50 million Facebook accounts were possibly compromised in the hack—and it looks like it could be more than that…a lot more.
But it’s not just Facebook: it’s also possible that your Instagram account may have been affected, too. If you use your Facebook account to log into your Instagram account, this action may have allowed hackers access. There has been no official confirmation from Facebook about whether or not IG accounts were compromised.Representatives for Facebook did not immediately return Red Tricycle’s request for comment.
Read on for answers to some of your most important questions following this massive Facebook hack.
Photo: PDPics via Pixabay
So, what happened?
Facebook offered the following security update about the hack at its website: “Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’ a feature that lets people see what their own profile looks like to someone else.” And why is this so bad? It allowed the hackers to steal Facebook access tokens.
If that makes absolutely no sense to you, think of it this way—the tokens are like a digital key. After logging in, the tokens make it possible for you to use the FB app without having to go back and enter your password again. Following an initial investigation, passwords and payment info were reportedly not compromised by the hack.
How do I know if I was hacked?
Facebook immediately fixed the vulnerability that allowed the hackers to get into their system. They also reset access tokens for every affected account. Along with the 50 million affected users, FB is also resetting the access tokens of an additional 40 million accounts that may have been part of a “View As” look-up within the last year.
If you were affected, you’ll have to log in to your account the next time you use it (with your password). You’ll also get a notification that explains what’s going on with your account.
What should I do now?
If you weren’t affected—meaning, you don’t get a notification—it’s still not a bad idea to reset your access tokens by logging out of your Facebook account and logging back in. You should also log out and log back in to other accounts that use Facebook to login info—Instagram for sure, but also apps like What’s App, Uber, Spotify, Pinterest—and any other that uses Facebook Login, too.
You could just create totally separate log-in info, unlinking all of your accounts from Facebook. A pain, yes—but if you’re really worried about your account safety and privacy, it’s pretty much the only way to ensure your Facebook info can’t be used to hack into other non-Facebook accounts you might have.
While passwords weren’t stolen during this attack, it never hurts to change yours. And this little reminder of internet security might prompt you to rethink how long you go in-between resetting passwords—or what you use as a password. Remember, “password” or your child’s name (which is probably splashed all over your FB page) aren’t exactly the best options. Instead, pick a strong password that you’ll remember—but hackers won’t be able to guess.