#facebook hack

On October 17, 2018, the National Privacy Commission (NPC) has ordered Facebook to action regarding recent data breach that affected millions of users around the globe, including 755,973 users in the Philippines. On September 28, 2018, Facebook revealed that attackers exploited a vulnerability in Facebook's code that existed between July 2017 and September 2018 which allowed them to steal Facebook access tokens which they could use to take over people's accounts. Facebook has then fixed the vulnerability, and on September 29, 2018, informed the Commission about the attack through an e-mail. Facebook has posted an update on October 12, 2018, which provides details on how the attack happened. On October 13, Facebook informed the National Privacy Commission that a total of 755,973 Philippine-based Facebook user accounts may have been compromised that forced Facebook to log out users from their accounts last September 28. The NPC also slammed Facebook's letter dated October 13, 2018, saying that "there is no material risk of more extensive harm occurring." The NPC has then ordered Facebook to submit a more comprehensive Data Breach Notification Report and inform the data subjects in compliance with the provisions of NPC Circular No. Facebook was also ordered to provide identity theft insurance or credit monitoring service for free to affected Filipino data subjects; or, in the alternative, establish a dedicated helpdesk/help center for Filipino data subjects who may be adversely affected by this incident, to provide assistance in identity restoration and other related matters. Read more in our articles including "Facebook data breach affected 755,973 users in the Philippines" and "Facebook hack affects 50 million accounts".