Facebook said on Friday it found a security flaw in almost 50 million accounts that would allow hackers to take over people’s profiles, a potential additional blow to the social network’s record on privacy.
The company in a blog post said that someone had used the vulnerability to attack its network, although it did not know who was behind the attempt. Facebook also said it had yet to determine whether the 50 million accounts were misused or if any information was improperly accessed.
The flaw in Facebook’s code was related to the site’s “view as” feature, which lets people see what their own profile looks like to someone else. Facebook said it had disabled the feature for now and was resetting the digital keys that about 90 million people use to log in.
Facebook said it had fixed the vulnerability since discovering it on Tuesday, and had also informed law enforcement authorities.