The social giant has vowed to do a better job with users' security, in light of a class action lawsuit that revealed a tale of mismanagement and ignoring repeated warning from employees in the 2018 incident that exposed the personal details of millions of users around the world.
According to a report from The Telegraph, Facebook was made aware about the potential security risk nine months in advance, which should have been ample time to prevent a hack that affected more than 50 million accounts and inconvenienced more than 90 million, who were signed out on all of their devices. The incident also affected three million people in the EU, which naturally prompted a thorough investigation by the Irish Data Protection Commission.
The Telegraph cites court documents that indicate employees had developed "guilt" and "hurt" after repeated warnings led to no action being coordinated by upper management. Several Facebook engineers expressed their worries over the fact that access tokens -- which are essentially unique identifiers you can use to do things like logging in to third part apps and services -- were an easy target for cybercriminals.
The engineers explained that the social giant had released features that use the non-expiring access tokens despite ample evidence that it would be a bad idea. Facebook denies these claims, noting ..
Support the originator by clicking the read the rest link below.