Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Facebook hack update: Firm says no external app or website was hit – but can't be sure

There is no evidence 'so far' that hackers breached other apps through Facebook Login

Anthony Cuthbertson

Wednesday 03 October 2018 14:37 BST

(PA)

Facebook has claimed there is no evidence "so far" that hackers accessed any third-party apps or websites as a result of the huge data breach.

The tech giant revealed last week that hackers stole so-called access tokens to accounts of at least 50 million users. A further 40 million users may also be affected by the attack.

Facebook's vice president of product management Guy Rosen wrote in a blog post on Tuesday that the access tokens had been reset for 90 million affected users.

How to stop Facebook from revealing everything about you

Show all 9

1/9How to stop Facebook from revealing everything about you

How to stop Facebook from revealing everything about you

Lock your profile down

If you haven’t done this already, do it now. In Settings, hit the Privacy tab. From here, you can control who gets to see your future posts and friends list. Choose from Public, Friends, Only Me and Custom in the dropdown menu.

How to stop Facebook from revealing everything about you

Limit old posts

Annoyingly, changing this has no effect on who’s able to see your past Facebook posts. Instead, on the Privacy page, you have to click on Limit Past Posts, then select Limit Old Posts and finally hit Confirm on the pop-up.

How to stop Facebook from revealing everything about you

Make yourself harder to find

You can stop completely random people from adding you by selecting Friends of Friends from the dropdown menu in the Who can send you friend requests? section of the Privacy page. It’s also worth limiting who can find your Facebook profile with your number and email address. At the bottom of the page is the option to prevent search engines outside of Facebook from linking to your profile.

How to stop Facebook from revealing everything about you

Control access to your Timeline

You can limit who gets to post things on your Timeline and who gets to see posts on your Timeline too. In Settings, go to Timeline and Tagging and edit the sections you want to lock down.

How to stop Facebook from revealing everything about you

Block people

When you block someone, they won’t be able to see things you post on your Timeline, tag you, invite you to events or groups, start conversations with you or add you as a friend. To do it, go to Settings and Blocking. Annoyingly, you have to block people on Messenger separately. You can also add friends to your Restricted list here, which means they’ll still be friends with you but will only be able to see your public posts and things you share on a mutual friend's Timeline.

How to stop Facebook from revealing everything about you

Review tags

One of Facebook’s handiest privacy features is the ability to review posts you’re tagged in before they appear on your Timeline. They’ll still be visible on the News Feed while they’re fresh, but won’t be tied to your profile forever. In Timeline and Tagging, enable Timeline review controls.

How to stop Facebook from revealing everything about you

Clean up your apps

You can view a list of all of the apps you’ve connected to your Facebook account by going to Settings and Apps. The list might be longer than you expected it to be. It’s worth tidying this up to ensure things you no longer use lose access to your personal information. If you don’t want to log into websites and apps with your facebook account, scroll down and turn Platform off.

How to stop Facebook from revealing everything about you

Change your ad preferences

You can view a list of everything Facebook thinks you’re into and tinker with your ad preferences by going to Settings and Adverts. A lot more information is displayed on the desktop site than the app, so we’d recommend doing this on a computer.

How to stop Facebook from revealing everything about you

Download your data

Facebook lets you download all of the data it has on you, including the posts you’ve shared, your messages and photos, ads you’ve clicked on and even the IP addresses that are logged when you log in or out of the site. It’s a hell of a lot of information, which you should download to ensure you never over-share on the social network again.

"We have now analysed our logs for all third-party apps installed or logged in during the attack we discovered last week," Mr Rosen wrote.

"That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login. Any developer using our official Facebook SDKs – and all those that have regularly checked the validity of their users' access tokens – were automatically protected when we reset people's access tokens."

In order to minimise the risks of the security vulnerability, Facebook logged all affected users out as a precaution.

Unfortunately, Mr Rosen admitted that not all Facebook developers use the firm's developer tools, so a tool is being built "to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out."

Following the data breach, hacked Facebook accounts appeared for sale on the dark web, though it was not clear from the vendor's description whether they relate to the hack.

A listing for a hacked Facebook account, selling for around $3 on the Dream Market site on the dark web (Screenshot)

The hacked accounts were selling for between $3 and $12 each, with security experts warning that cyber criminals could use the data to commit identity theft or blackmail users with compromising information.

In a post to Facebook last week, Facebook CEO Mark Zuckerberg said: "We face constant attacks from people who want to take over accounts or steal information around the world... The reality is we need to continue developing new tools to prevent this from happening in the first place."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies