Facebook has announced the discovery of a security issue affecting almost 50 million accounts. While Facebook’s investigation is still in its early stages, it has confirmed that suspected malicious actors exploited a vulnerability in Facebook access tokens. These tokens are effectively digital keys that allow users to remain logged into Facebook and avoid re-entering their password.
Facebook have taken steps to contain the incident, including fixing the vulnerability and resetting access tokens for affected (and potentially affected) users. If you have been logged out of Facebook automatically, this suggests Facebook have taken containment steps in relation to your user account. Facebook are advising that users need not change their passwords at this stage.
Facebook will provide further updates as the circumstances of this security issue continue to unfold. In the interim, users may consider taking the following precautionary steps to protect their personal data.
If you have not been logged out of Facebook automatically, you can do so through your security settings by selecting the one-click option to log out of all locations.
While the circumstances of the security issue remain under investigation, there are reports that third party applications may have been impacted. Users may therefore consider logging out of all third applications linked to your Facebook login credentials and also turning off Facebook’s integration with third party applications by visiting Apps and Websites in your security settings.
Always carefully consider the personal data that you share on Facebook and other social media channels. This is also an opportune time to revisit your Facebook privacy settings.
Consider adopting two-factor authentication when logging into your account. This option may be activated from the security and login section in your security settings.
If it sounds like a scam, be sure to pick the phone and talk to the person who is messaging you or asking to connect with you on Facebook.
IDCARE is Australia’s national identity and cyber support service. We will continue to keep you updated as further information becomes available.
IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.
IDCARE as a registered charity does not ask individuals to donate or pay for our front line services. We are not a charity that can receive tax deductible donations. We rely on organisations that care enough about you to care about us to keep our charitable service going. Proudly these organisations are displayed above and on our Subscriber Organisations page. If you are asked for payment from someone claiming to be from IDCARE, please report this to us using our Report Phishing email.
IDCARE has access to the Department of Social Services’ Free Interpreting Service, delivered by the Translating and Interpreting Service (TIS National). Access to the Free Interpreting Service is provided to assist you to communicate with non-English speaking people who hold a Medicare card. Please note that the service does not extend to New Zealand citizens or residents who do not hold an Australian Medicare card, or to tourists, overseas students or people on temporary work visas.
New Zealand Relay provides services to help Deaf, hearing impaired, speech impaired, Deafblind and standard phone users communicate with their peers. A TTY user connects to New Zealand Relay via a toll-free number and types their conversation to a Relay Assistant (RA) who then reads out the typed message to a standard phone user (hearing person).
The RA relays the hearing person's spoken words by typing them back to the Textphone (TTY) User.
The National Relay Service (NRS) is an Australian government initiative that allows people who are deaf, hard of hearing and/or have a speech impairment to make and receive phone calls.
The NRS is available 24 hours a day, every day and relays more than a million calls each year throughout Australia.