Facebook says it hasn’t seen any evidence that the hackers used stolen keys to access users’ Tinder, Spotify, or Instagram accounts | Digital Asia
- Drew Angerer/Getty Images
- Facebook got hacked, it announced last week, and there have been fears attackers could use the stolen data to break into users’ accounts on Tinder, Spotify, Airbnb, and elsewhere.
- On Tuesday, Facebook said there is no evidence of that sort of thing happening.
- But it’s still not clear who is behind the attack, or what they were after.
Facebook says it can’t find any evidence that the hackers who compromised 50 million users’ accounts on the social network also used stolen “keys” to break into victims’ accounts on other apps and services.
Last week, the Silicon Valley tech firm revealed it had been targeted in a massive hack that saw an as-yet-unidentified attacker, or attackers, gain access to tens of millions of users’ accounts by exploiting vulnerabilities in its software.
It subsequently acknowledged that this attack also meant that, in theory, the hacker could have stolen “access tokens” to get into users’ accounts on other apps that use the Facebook Login service, including Tinder, Airbnb, Spotify, and more.
In a statement published on Tuesday, Facebook exec Guy Rosen said the company hasn’t found any evidence this has actually happened. It will be a partial relief to the victims of the attack, as well as the companies that rely on Facebook Login and faced having to conduct their own investigations.
But Facebook’s update provides no more information on who is behind their attack, what their motivation was, and what user data they took. “We’re sorry that this attack happened – and we’ll continue to update people as we find out more,” Rosen wrote.
The news of the hack comes as Facebook attempts to recover from a string of bruising scandals, from Cambridge Analytica to the spread of Russian misinformation and propaganda on its platform. Facebook now faces multiple investigations over the breach, including from multiple US Congressional committees and the Irish privacy watchdog.