Facebook says that it has discovered a security breach affecting nearly 50 million accounts and that it’s not yet clear whether any information was accessed or any accounts were otherwise misused.
The vulnerability that caused the breach was found Tuesday and was fixed on Thursday night, Facebook says. It was the result of bugs introduced into Facebook’s code in July 2017. No passwords or credit card numbers were stolen, the company says.
But as a result of the breach, attackers could gain access to a user’s account — hypothetically giving them the ability not only to view information, but also to use the account as though they were the account holder.
“We do not yet know if any of the accounts were actually misused,” Facebook CEO Mark Zuckerberg told reporters Friday. “This is a really serious security issue, and we are taking it really seriously.”