Facebook has reported that hackers have stolen digital login codes of nearly 50 million users. The breach is claimed to be the worst security breach Facebook has even experienced.

This has been a trembling year for Facebook, despite its current over 2.2 billion monthly users. Earlier this year, Facebook suffered a security breach offering personal details of 87 million users by the political firm Cambridge Analytica. Unlike the Cambridge Analytica scandal, this time the vulnerability allowed the attackers to directly take over user accounts without the help of a third-party app.

The attackers exploited a bug in which they were able to gain access to user accounts and take control of them. The attackers did not obtain the user credentials but rather their access tokens. An access token is what keeps website visitors logged in even after they leave the website, without having to reenter their credentials. Once Facebook realized what occurred, they forced those users to be logged out and required their login information for them to access the platform again, thus preventing the attackers from staying logged in.

Finally, when the video uploader appeared in “View As” mode, it generated an access code for whoever the hacker was searching for. Facebook has yet to identify the hackers, or where they may have originated. However, they have announced the FBI will investigate the case.

A few tips on how to stay secure of Facebook:

– Check which devices you are logged into. Using Facebook’s settings, you can check the Security Login tab and choose the log out options for devices which you don’t recognize or use any longer.
– Use two-factor authentication. Every time you log in from a new device, you will be required to enter your password as well as a code received via SMS to your mobile device. This can prevent hackers from accessing your account if they don’t have your mobile phone.
– Remove authorized devices. Using Facebook’s settings, you can remove old devices which don’t require a password to access you account.
– Be aware of phishing scams. Be careful of hackers who may contact you claiming to be Facebook. Even though they may look like the original Facebook, many hackers may be out to get you, especially at time like these.
– Stay password smart! Frequently change your password, make sure you don’t use the same password for other credentials and make sure to keep it a secret.

The recent breach has caused Facebook’s shares to drop 2.6%. Looking back, this past year has been a challenging one for Facebook. They have experienced several security breaches and keep proving they have many weaknesses in terms of privacy.

Learn about our solution for data breaches