Facebook, the largest social media company in the world, reported 2.23 billion monthly active users in second quarter 2018. With this in mind, it only makes sense that they would also be one of the most concerned companies in the world regarding the security of its users and their information.
As reported by the Wall Street Journal the attack allowed the hackers to download digital tokens from Facebook for the purpose of accessing whatever they wanted from a Facebook user’s profile. The hack involved using the tokens to exploit a vulnerability in the user’s “View as” tool. The original intent of this tool was to allow the Facebook user to view his or her profile as it would appear to the public (someone not their friend on FB) or their FB friends. Experts think that the attackers were motivated to use the information to spy on Facebook users for financial gain.
Why it Matters
If you were one of those whose information was exploited, chances are that they only have the information that you allow the public or your friends to see. Whats more is that even if they did gain access to your information there would be no way for them to access your financial data directly. What it does provide the attackers is information regarding you that you intentionally or unintentionally hide from the public that they could use to perform social engineering to gain more information towards another attack.
With the breach of security in mind Facebook is in the process of acquiring a “major cyber security firm” as reported by The Information. The popular social media company has spoken with multiple security companies and could release who they will acquire as early as next year.