What Instagram users need to know about Facebook’s security breach

Even if you never log into Facebook itself these days, the other apps and services you use might be impacted by Facebook’s latest big, bad news.

In a follow-up call on Friday’s revelation that Facebook has suffered a security breach affecting at least 50 million accounts, the company clarified that Instagram users were not out of the woods — nor were any other third-party services that utilized Facebook Login. Facebook Login is the tool that allows users to sign in with a Facebook account instead of traditional login credentials and many users choose it as a convenient way to sign into a variety of apps and services.

Third-party apps and sites affected too

Due to the nature of the hack, Facebook cannot rule out the fact that attackers may have also accessed any Instagram account linked to an affected Facebook account through Facebook Login. Still, it’s worth remembering that while Facebook can’t rule it out, the company has no evidence (yet) of this kind of activity.

“So the vulnerability was on Facebook, but these access tokens enable someone to use [a connected account] as if they were the account holder themselves — this does mean they could have access other third party apps that were using Facebook login,” Facebook Vice President of Product Management Guy Rosen explained on the call.

“Now that we have reset all of those access tokens as part of protecting the security of people’s accounts, developers who use Facebook login will be able to detect that those access tokens has been reset, identify those users and as a user, you will simply have to log in again into those third party apps.”

Rosen reiterated that there is plenty Facebook does not know about the hack, including the extent to which attackers manipulated the three security bugs in question to obtain access to external accounts through Facebook Login.

“The vulnerability was on Facebook itself and we’ve yet to determine, given the investigation is really early, [what was] the exact nature of misuse and whether there was any access to Instagram accounts, for example,” Rosen said.

Anyone with a Facebook account affected by the breach — you should have been automatically logged out and will receive a notification — will need to unlink and relink their Instagram account to Facebook in order to continue cross-posting content to Facebook.

How to relink your Facebook account and do a security check

To do relink your Instagram account to Facebook, if you choose to, open Instagram Settings > Linked Accounts and select the checkbox next to Facebook. Click Unlink and confirm your selection. If you’d like to reconnect Instagram with Facebook, you’ll need to select Facebook in the Linked Accounts menu and login with your credentials like normal.

If you know your Facebook account was affected by the breach, it’s wise to check for suspicious activity on your account. You can do this on Facebook through the Security and Login menu.

There, you’ll want to browse the activity listed to make sure you don’t see anything that doesn’t look like you — logins from other countries, for example. If you’re concerned or just want to play it safe, you can always find the link to “Log Out Of All Sessions” by scrolling toward the bottom of the page.

While we know a little bit more now about Facebook’s biggest security breach to date, there’s still a lot that we don’t. Expect plenty of additional information in the coming days and weeks as Facebook surveys the damage and passes that information along to its users. We’ll do the same.



from www.tech-life.in
Share:

No comments:

Post a Comment

Search This Blog

Blog Archive

Powered by Blogger.

Edo raises $12M from Breyer Capital to measure TV ad effectiveness

Edo , an ad analytics startup founded by Daniel Nadler and actor Edward Norton, announced today that it has raised $12 million in Series A f...

Blog Archive

Recent Posts

Unordered List

  • Lorem ipsum dolor sit amet, consectetuer adipiscing elit.
  • Aliquam tincidunt mauris eu risus.
  • Vestibulum auctor dapibus neque.

Sample Text

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation test link ullamco laboris nisi ut aliquip ex ea commodo consequat.

Pages

Theme Support

Need our help to upload or customize this blogger template? Contact me with details about the theme customization you need.