“A massive Facebook breach may also have affected users of hundreds of other websites and apps. But three days after the public disclosure of the breach, it’s not clear that those companies know what, if anything, might have happened to their users.
“A spokesperson for the dating app Tinder said Monday that Facebook () has shared only “limited information” and called on Facebook to be “transparent” about which of Tinder’s users may have been affected.”
We noted earlier that this security breach was bigger than Faceberg because the ubiquitous nature of Facebook and other companies using the Facebook logon (Single Sign-On) instead of providing their own authentication. But according to the CNN article, besides dating apps, GoFundMe, AirBnB, and other services are now trying to figure out if their users have been hit.
“Jason Polakis, an assistant professor of computer science at the University of Illinois at Chicago, said that single sign-on is a useful feature, but also a very risky one.
“The importance here is that since Facebook has become the most popular identity provider out there it’s not easy to evaluate how many accounts of yours hackers might have accessed,” said Polakis, who has studied the feature extensively.”
The ripple from this is going to be huge, and if we were not all focused on SCOTUS drama, the news cycles would probably be tripping over this.
Crossposted from Mock Paper Scissors