Rosen also said Facebook did not find any evidence suggesting the tokens were used with the Facebook Login feature either, which would have allowed the attacker to log into third-party apps via Facebook tokens.
There, you'll likely see one of the following two messages: You're in the clear, or your account was affected and here's what data the hackers might have accessed. The latter is less severe, yet still serious, since hackers were only able to access their name and contact details, such as phone number, email or both, depending on what info they had on their profile. It's a pretty extensive list: user name, gender, locale or language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places you checked into or were tagged in, your website, people or Pages you follow and your 15 most recent searches.
Facebook said it was continuing to investigate whether the attackers took actions beyond stealing data, such as posting from accounts but had not found additional misuse.
The hack impacted 50 million accounts on the service. Users will also see a "customised message" in the coming days to assist in preventative measures. Post that, Facebook followed the proper procedure and notified the Federal Bureau of Investigation about the attack and is working with other law enforcement agencies to find out the people behind the attack.
Previously, Facebook said the attackers gained the ability to "seize control" of those user accounts by stealing digital keys the company uses to keep users logged in.
China May Have Legalized Muslim 'Re-education Camps'
More than one million Muslims are reportedly being held in the Xinjiang region in the west of the country in internment camps. China says its network of detention centres will also teach Mandarin Chinese, legal concepts and provide vocational training.
Below the notice about what information was hacked, Facebook apologizes for the security breach.
On September 27, Rosen said Facebook closed the vulnerabilities, secured affected accounts, and reset access tokens for those accounts.
The revelation is the latest black eye for Facebook as it tries to recover from the scandal that came to light earlier this year in which Cambridge Analytica funneled highly personal details of more than 80 million users to an organization supporting then-presidential candidate Donald Trump.
First, attackers exploited a vulnerability in the site's code that apparently resulted from three separate bugs, from July 2017 to September 2018. He said Facebook is looking into the possibility of smaller scale attacks.
Last month, Facebook launched an investigation with the FBI and released a statement in response the the breach. That's the good news, if you can call it that.