Rosen also said Facebook did not find any evidence suggesting the tokens were used with the Facebook Login feature either, which would have allowed the attacker to log into third-party apps via Facebook tokens.
There, you'll likely see one of the following two messages: You're in the clear, or your account was affected and here's what data the hackers might have accessed. The latter is less severe, yet still serious, since hackers were only able to access their name and contact details, such as phone number, email or both, depending on what info they had on their profile. It's a pretty extensive list: user name, gender, locale or language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places you checked into or were tagged in, your website, people or Pages you follow and your 15 most recent searches.
Facebook said it was continuing to investigate whether the attackers took actions beyond stealing data, such as posting from accounts but had not found additional misuse.
The hack impacted 50 million accounts on the service. Users will also see a "customised message" in the coming days to assist in preventative measures. Post that, Facebook followed the proper procedure and notified the Federal Bureau of Investigation about the attack and is working with other law enforcement agencies to find out the people behind the attack.
Previously, Facebook said the attackers gained the ability to "seize control" of those user accounts by stealing digital keys the company uses to keep users logged in.
Jailed banker's wife who spent £16m at Harrods can finally be named
The Azeri finance ministry said about $3 billion could have been misappropriated by Hajiyev, who denied the charges. The NCA had alleged Hajiyeva bought two properties using money embezzled by her husband when he worked for the IBA.
Below the notice about what information was hacked, Facebook apologizes for the security breach.
On September 27, Rosen said Facebook closed the vulnerabilities, secured affected accounts, and reset access tokens for those accounts.
The revelation is the latest black eye for Facebook as it tries to recover from the scandal that came to light earlier this year in which Cambridge Analytica funneled highly personal details of more than 80 million users to an organization supporting then-presidential candidate Donald Trump.
First, attackers exploited a vulnerability in the site's code that apparently resulted from three separate bugs, from July 2017 to September 2018. He said Facebook is looking into the possibility of smaller scale attacks.
Last month, Facebook launched an investigation with the FBI and released a statement in response the the breach. That's the good news, if you can call it that.