Facebook: hackers did not access other sites with its login
- 03 October, 2018 08:15
Facebook said that investigators have determined that hackers did not access other sites that use the social networking site's single sign-on in a massive cyber attack that the company disclosed last week.
”We analysed third-party access during the time of the attack we have identified,” said Guy Rosen, a Facebook vice president overseeing security, in a statement sent to Reuters.
“That investigation has found no evidence that the attackers accessed any apps using Facebook Login.”
The announcement comes after Facebook last week disclosed its worst-ever security breach, saying hackers had stolen login codes that allowed them to access nearly 50 million Facebook accounts.
Rosen warned on a Friday conference call that the hackers could have also accessed third-party websites and apps that allow uses to access their accounts using Facebook logins.
Security researchers with the University of Illinois at Chicago estimate that more than 42,000 websites allow customers to access their accounts with Facebook Login, an estimate that prompted concern the attack on the social networking site could reverberate across the internet.
Sites that use Facebook Login told Reuters that they had not identified any signs that their users had been breached.
UK-based travel site SkyScanner and IKEA Group's TaskRabbit site, which provides home repairs and furniture assembly, said they were investigating the potential impact on customers.
Ride-hailing giant Uber said it has closed active sessions using Facebook login credentials as it investigated the matter.
Workplace app users
Meanwhile, the social media giant also said it was investigating if a security breach that it revealed last week had impacted users of its corporate chat app, Workplace.
Facebook had said hackers stole digital login codes that could have allowed them to take over nearly 50 million user accounts.
The company, however, said it was yet to determine whether the attackers misused any accounts or stole private information. Workplace spokesperson said on Tuesday it currently did not have any evidence to suggest that any of its customers have been impacted.
"We are investigating and reaching out to customers directly to keep them informed," the spokesperson said.
Business Insider first reported a potential issue with the app.
(Reporting by Sonam Rai in Bengaluru and Jim Finkle and Angela Moon in New York; Editing by Shounak Dasgupta; Jonathan Oatis and Leslie Adler)