Facebook says more than 50 million user accounts have been affected by a security breach.
The social media giant made the announcement Friday afternoon, saying its engineering team discovered a security issue on Tuesday. But it’s since been fixed and law enforcement has been informed.
Hackers stole Facebook access tokens through Facebook’s “view as,” a feature that lets people see what their own profile looks like to someone else. This allowed the hackers to take over people’s accounts.
Access tokens are the equivalent of digital keys that keep people logged into Facebook so they don’t need to re-enter their password every time they use the app.
“We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security,” Facebook said in a statement.
WATCH: Global News’ coverage of previous Facebook data breach
Facebook has reset the access tokens of the 50 million affected accounts, it said. As a precaution, the company has reset access tokens for another 40 million accounts that have looked up through the “view as” option in the last year.
About 90 million people will have to log back into Facebook or any of their apps that use a Facebook login. There is no need for anyone to change their passwords, Facebook said.
The company also said it was temporarily turning off the “view as” option.
“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. We also don’t know who’s behind these attacks or where they’re based,” Facebook said.
LISTEN: Tom Keenan joins Rob Breakenridge to discuss the latest Facebook breach
Earlier this year, the company was in hot water after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy.
WATCH: Zuckerberg outlines 3 changes to Facebook privacy to protect users