News World No third-party attacks from hack: Facebook

No third-party attacks from hack: Facebook

Facebook says it will message users affected to tell them if their password was left unprotected. Photo: Getty
Share
Twitter Facebook Reddit Pinterest Email

Facebook says investigators have determined that hackers did not access other sites that use the social networking site’s single sign-on in a massive cyber attack that the company disclosed last week.

“We analysed third-party access during the time of the attack we have identified. That investigation has found no evidence that the attackers accessed any apps using Facebook Login,” said Guy Rosen, a Facebook vice-president overseeing security, in a statement sent to Reuters.

The announcement comes after Facebook last week disclosed its worst-ever security breach, saying hackers had stolen login codes that allowed them to access nearly 50 million Facebook accounts.

Rosen warned on a Friday conference call the hackers could have also accessed third-party websites and apps that allow uses to access their accounts using Facebook logins.

Security researchers with the University of Illinois at Chicago estimate that more than 42,000 websites allow customers to access their accounts with Facebook Login, an estimate that prompted concern the attack on the social networking site could reverberate across the internet.

Sites that use Facebook Login told Reuters they had not identified any signs their users had been breached.

UK-based travel site SkyScanner and IKEA Group’s TaskRabbit site, which provides home repairs and furniture assembly, said they were investigating the potential impact on customers.

Ride-hailing giant Uber said it has closed active sessions using Facebook login credentials as it investigated the matter.