Facebook Statement: "September 28, 2018 Security Update..." https://newsroom.fb.com/news/2018/09/security-update/
Facebook hack could hasten regulation as Sen. Warner says Congress must “step up” September 28, 2018 https://techcrunch.com/2018/09/28/facebook-breach-warner/
This seems to be all about access tokens, a term I was not familiar with. Are these effectively cookies? If I only visit Facebook occasionally and regularly clear all cookies such that I have to log in every time I assume I am not affected. There again there is deliberately nothing on my Facebook account to hack anyway..
It seems that this was server side problem. So instead of just deleting local cookies it would be IMO more important to log-off Facebook when not using it (so the session on server's side is closed).
Facebook shares more details about its massive security breach -- after blocking people from sharing news about it https://betanews.com/2018/09/29/facebook-blocks-vulnerability-shares/
Seems like a shocking bug to me, this shouldn't have been possible! But at least they are open about it.
This reminded me of websites which failed to assign "secure" attribute to cookies. Noscript had (may still have? It's long since I moved to uMatrix and to uBO) a function to manually add it. This kind of damn things are too prevalent, but ppl're willing to share everything about their real life on the internet, and shop, bank, then even ctrl home electronics via it.
Zuckerberg’s own Facebook account got hacked in breach https://nypost.com/2018/09/29/zuckerbergs-own-facebook-account-got-hacked-in-breach/
The Facebook Hack Exposes an Internet-Wide Failure October 2, 2018 https://www.wired.com/story/facebook-hack-single-sign-on-data-exposed/
Facebook hackers stole locations and other private data for millions of users The bad news: Private data was stolen. The good: Fewer accounts were affected October 12, 2018 https://arstechnica.com/information...and-other-private-data-for-millions-of-users/
Here’s how to see if you’re among the 30 million compromised Facebook users https://arstechnica.com/information...and-other-private-data-for-millions-of-users/
Facebook breach hit 3 million in EU, putting new privacy law to test https://www.cnet.com/news/facebook-breach-hit-3-million-in-eu-putting-new-privacy-law-to-test/
Private messages from 81,000 Facebook accounts advertised for sale by Russian hackers https://www.telegraph.co.uk/technol...00-facebook-accounts-advertised-sale-russian/
More than 110,000 Australians caught up in September's Facebook cyber-attack Hackers were able to access users’ movements, hometown, search history, email and phone number March 27, 2019 https://www.theguardian.com/technol...caught-up-in-septembers-facebook-cyber-attack
Facebook restores disabled ‘View As’ feature used in 2018 breach May 16, 2019 https://nakedsecurity.sophos.com/20...disabled-view-as-feature-used-in-2018-breach/
Hacking Victims Seek Independent Audits of Facebook Data Security November 27, 2019 https://www.courthousenews.com/hacking-victims-seek-independent-audits-of-facebook-data-security/
Facebook says it will tighten account security following 2018 hack That is, if its proposed settlement sticks February 8, 2020 https://www.engadget.com/2020/02/08/facebook-settlement-tightens-account-security/
Facebook was warned in advance about the security issue that led to the 2018 data breach Employees think it could have been prevented February 10, 2020 https://www.techspot.com/news/83949-facebook-warned-advance-about-security-issue-led-2018.html