Here's Why You Got Logged Out Of Your Facebook Account (Hint: A Major Hack Has Happened)

In a blog post, Facebook's vice president of product management Guy Rosen said:

"On the afternoon of Tuesday, 25 September, our engineering team discovered a security issue affecting almost 50 million accounts.

"We're taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.

"Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook’s code that impacted "View As" a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts."

For example, if your account was impacted it means that a hacker could have accessed any account - including Instagram - that you log into using Facebook.

In a second, follow-up conference call with reporters on Friday, Facebook revealed this information, which drastically widens the potential impact of the hack.

Basically, hackers are now believed have access to other services in which a person used their Facebook account to register, including apps like Tinder, Spotify, and Airbnb.

While it is not yet clear whether this has actually occurred, the possibility may force the other companies to undertake their own investigations into the issue.

The reason you were logged out of your account because Facebook invalidated the access tokens for the 50 million affected accounts.

It was a safety step - after patching the security vulnerability - taken by Facebook to ask users to log back in to access their accounts again.

In a post on his account, Facebook Founder Mark Zuckerberg addressed the issue, writing, "As a precautionary measure, even though we believe we've fixed the issue, we're temporarily taking down the feature that had the security vulnerability until we can fully investigate it and make sure there are no other security issues with it."

While the security breach impacted around 50 million accounts, the precaution taken by Facebook - resetting access tokens - means around 90 million people will now have to log back into Facebook, or any of their apps that use Facebook Login.

However, it's unclear who has been affected, what kind of data has been stolen, or who carried out the attack, according to a report in the BBC.

"The firm would not say where in the world the 50 million users are, but it has informed Irish data regulators, where Facebook's European subsidiary is based. The company said the users prompted to log-in again did not have to change their passwords."

"In something as big and complicated as Facebook, there are bound to be bugs. The theft of these authorisation tokens is certainly a problem, but not nearly as big of a risk to user's privacy as other data breaches we have heard about or even Cambridge Analytica for that matter.

"As with any social media platform, users should assume their information may be made public, through hacking or simply through accidental oversharing. This is why a sensitive information should never be shared through these platforms," he said.