Hi Brian - we've invalidated data access for third party apps for affected individuals that have signed in with Facebook Login. This can cause some users to be logged out of the third party apps, and they will have to log back in.
-
-
- 1 more reply
New conversation -
-
-
No clue all I know is my external apps that were linked to Facebook had all their sessions killed this morning. I would think they would have had access if they were able to gain an access token to the Facebook account.
-
I feel as if this indicates our suspicions are correct that, yes, this breach also impacted the security of apps using FB as an authentication platform.
End of conversation
New conversation -
-
-
This also has an impact of breach notification, two ways: 1) do affected non-FB properties (like Tinder) also have to notify? 2) FB simply notify upon next FB login does not really catch those users who created a FB account just to use a non-FB property
- 1 more reply
New conversation -
-
-
I am sure you’ve seen this by now, but on the off chance you haven’t, Wired seems to agree with you:https://www.wired.com/story/facebook-security-breach-third-party-sites/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Step 1 when joining new company: get an Outlook rule to flag emails from Krebs as high priority setup on PR alias
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
A key question should be when does Facebook's willful disregard for security, despite a sufficient budget, constitute criminal negligence? They're an embarrassment to the tech community
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I was logged out of Messenger so that could be the case.
-
Didn’t affect me whatsoever...mind you, don’t use this service so that probably helps
-
I don't think you could have given a less-helpful answer
-
It's the standard I strive for
End of conversation
New conversation -
-
-
From the sound of it, this is about an API token allowing access to Facebook APIs. OAuth authentication against third-party apps works differently and wouldn't be affected - unless the API token can be used for deeper account compromise. But that's pure guessing of course.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
a growing problem that ppl dont care abt because its convenient. convenient is a hackers window of opportunity. take the GIF loading bug for example.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Apparently revoking the credential it was possible to steal will log you out of Facebook login apps, so i would presume that they were in fact vulnerablepic.twitter.com/VNJxV5FUha
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
WHY DOES ANYONE STILL USE FACEBOOK???????????
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Absolute excellent question. It’s the same as google accounts allowing multiple application logins. When one domino falls, do the others?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Not likely, it just sounds like "View Us" was treated as an all-scope profiled app (preapproved by FB, like Instagram) to show you what the other user actually sees. And there were ways to leak that token, (but obviously just friends) so they had to pivot from friends to friends!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
They are setting it up now... WOW, the republicans won more seats than we thought... BLAME FACEBOOK... cancel the elections.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.