Spotify, AirBnB, and Instagram accounts may have also been affected.
On Friday, Facebook confirmed that approximately 50 million accounts had been hacked as part of a security breach, with users who found themselves suddenly being asked to sign back in with a new password most likely to have been affected.
Facebook released the following official statement on the incident:
"Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted "View As" a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app."
Reports state that both Mark Zuckerburg and Facebook COO Sheryl Sandberg have been affected by the hack.
However,
Business Insider are reporting that this breach also allowed the hackers access to any other app that uses Facebook as a sign-in or third-party website.
That means if any of the 50 million hacked accounts also use Facebook as a connected account to their profiles on Tinder, Spotify, Instagram, or AirBnB, then those accounts may have also been hacked in the process.
As per the Business Insider report:
"The revelation drastically widens the potential impact of the hack, putting people's private data elsewhere across the web at risk. It may force the numerous major companies and startups reliant on Facebook's login service to audit their own systems for evidence of malicious activity as a result."
Instagram is now owned by Facebook, but spokespeople at Tinder, Spotify, and AirBnB did not respond when asked to comment on the potential breach of their accounts.
