Facebook has said at least 50 million user accounts may be at risk after hackers exploited a security vulnerability on the site.
The company said in a blog post Friday that it discovered the bug earlier in the week. The bug is part of the site’s “View As” feature that lets a user see their profile as someone else. Facebook has switched off the “View As” feature in the meantime while it investigates the bug further.
The bug allowed hackers to obtain account access tokens, which are used to keep users logged in when they enter their username and password. Stolen tokens can allow hackers to break into accounts.