Read This Now if You Were Affected by Facebook’s Security Breach

Last week, Facebook announced that a hack on its network had exposed the personal information of nearly 50 million users. The largest breach in company history allowed cyberattackers to exploit part of Facebook’s code, taking advantage of three software flaws to compromise and possibly control user accounts.

To make matters worse, two of the flaws were part of the “View As” tool, which is intended to improve user privacy. The third flaw was part of a tool that allowed users to upload videos for their birthdays. Both tools allowed hackers to gain access to digital keys that allow users to access Facebook from a mobile device without having to enter a password upon each login.

Facebook officials said they had quickly identified and repaired the vulnerabilities, notifying law enforcement and kicking off an investigation into the root cause of the breach. But the message was clear for users already worried about online privacy concerns: even the most commonly used platform, which has more than 2.2 billion users across the globe, can put personal information at risk. The breach also affected popular apps like Spotify and Instagram, which allow users to log in using their Facebook credentials.

On Friday, September 28th, Facebook automatically logged out more than 90 million users. So if you used the app between the 28th and the 30th and found that you had to log back in, you might have been affected.

The quickest way to figure out whether an illicit user has improperly accessed your Facebook account is to do an audit of the devices used to log in to the system. On Facebook’s Security and Login page, a tab marked “Where You’re Logged In” will display a list of devices signed in to your account, in addition to their locations. If you notice an unfamiliar device logged in from an unusual location, click the “Remove” button to kick that device out of your account.

If you use the same password for all of your online accounts, you’re exactly the kind of target that cybercriminals hope for when they launch attacks like the one on Facebook. Don’t rely on generic passwords—instead, create strong and unique ones that are at least eight characters long and mix upper- and lower-case letters, numbers, and symbols—think “P@ssw0rd#!23” instead of “password123.”

Two-factor authentication requires users to enter a unique code, typically delivered via text message, along with their regular password whenever logging in to an account. It might add a few extra seconds to your day, but the security upgrade is significant: even if a hacker gained access to your password, it would be nearly impossible to log in without the two-factor authentication code.

With new breaches making the news every day, companies of all sizes and in all industries are right to be concerned about their level of security. At CMIT Solutions, we recommend right-sized assessments that take into consideration the size and complexity of your business and whether or not your business is subject to regulatory constraints. We can help protect your business with 24/7 monitoring, strong antivirus and anti-spam software, remote data backup, and more advanced tools like enterprise-grade password management.

If you’re unsure about the security of your Facebook account or other social media applications, contact CMIT Solutions today. We take online security seriously, and we’re committed to improving the safety of your information so that you can focus on running your business.
