September 29, 2018
Facebook have taken steps to contain the incident, including fixing the vulnerability and resetting access tokens for affected (and potentially affected) users. If you have been logged out of Facebook automatically, this suggests Facebook have taken containment steps in relation to your user account. Facebook are advising that users need not change their passwords at this stage.
Facebook will provide further updates as the circumstances of this security issue continue to unfold. In the interim, users may consider taking the following precautionary steps to protect their personal data.
IDCARE is Australia’s national identity and cyber support service. We will continue to keep you updated as further information becomes available.
The Cyber Sushi… (serving up the cold facts, with some phish bytes)more info