Good tidings is that Facebook constitute no evidence "so far" that proves such claims.
In a weblog ship service exploited a chain of vulnerabilities inward its code to pocket fifty 1000000 accounts tokens—digital keys that exceed away along users logged in, in addition to therefore they don't postulate to re-enter their credentials every fourth dimension they role the app.
The social media giant fixed the consequence on Th black in addition to forcefully logged ninety 1000000 users out of their accounts every bit a precaution past times resetting their access tokens.
Even later Facebook announced that it constitute no evidence of hackers accessing third-party services that role Facebook's unmarried sign-on inward the massive attack, about of those services are taking necessary steps to safeguard their users.
For example, Uber has precautionarily expired all active Facebook-based login sessions temporarily later the information breach, patch the fellowship is all the same investigating the breach at its end.
The social media giant has yet to expose the attackers responsible for the massive attack, their origins, in addition to the information they may convey stolen from the affected fifty 1000000 Facebook users.
The Irish Gaelic Data Protection Commission said that less than 10 percentage of the fifty 1000000 users (which equals to 5 1000000 users) attacked inward the breach are based inward the European Union (EU), where Facebook tin forcefulness out endure fined upward to $1.63 billion nether the nation's General Data Protection Regulation (GDPR) if it did non detect doing plenty to protect the safety of users.
