We're all so distracted by the Kavanaugh investigation but something huge and horrible happened at Facebook this past week. Pay attention.
October 2, 2018

Oops:

“A massive Facebook breach may also have affected users of hundreds of other websites and apps. But three days after the public disclosure of the breach, it’s not clear that those companies know what, if anything, might have happened to their users.

“A spokesperson for the dating app Tinder said Monday that Facebook (FB) has shared only “limited information” and called on Facebook to be “transparent” about which of Tinder’s users may have been affected.”

We noted earlier that this security breach was bigger than Faceberg because the ubiquitous nature of Facebook and other companies using the Facebook logon (Single Sign-On) instead of providing their own authentication. But according to the CNN article, besides dating apps, GoFundMe, AirBnB, and other services are now trying to figure out if their users have been hit.

“Jason Polakis, an assistant professor of computer science at the University of Illinois at Chicago, said that single sign-on is a useful feature, but also a very risky one.
“The importance here is that since Facebook has become the most popular identity provider out there it’s not easy to evaluate how many accounts of yours hackers might have accessed,” said Polakis, who has studied the feature extensively.”

The ripple from this is going to be huge, and if we were not all focused on SCOTUS drama, the news cycles would probably be tripping over this.

Crossposted from Mock Paper Scissors

Can you help us out?

For 18 years we have been exposing Washington lies and untangling media deceit, but now Facebook is drowning us in an ocean of right wing lies. Please give a one-time or recurring donation, or buy a year's subscription for an ad-free experience. Thank you.

Discussion

We are currently migrating to Disqus

On May 14, 2022, we started migrating our comments from Insticator back to Disqus. During this transition period, some posts will have Insticator and some Disqus. For more information on the transition, as well as information regarding old C&L accounts, please see this post.


We welcome relevant, respectful comments. Any comments that are sexist or in any other way deemed hateful by our staff will be deleted and constitute grounds for a ban from posting on the site. Please refer to our Terms of Service for information on our posting policy.