Logged out of Facebook on all devices on a sudden. Should I be worried about being hacked?

MattCat15 09/28/2018. 5 answers, 12.899 views
authentication passwords account-security facebook social-media

A while ago, I was opening Facebook app on Android and then I got the message "Session expired. Please log in again.". I then tried logging in with my current password and was success to log in my account. Before, long time ago, when I created this account, I'd set up two-factor authentication for my account and when I checked after I did the log in, it was still active.

After that, I opened my laptop and Chrome then went to Facebook, just to find out that the session on PC was also logged out. After I logged back in, I went to security under settings and checked the section "When you're logged in" and I saw that all of the past logged in entries are gone. The only entries I got were those log in on my phone and my laptop (also appeared to be my trusted devices).

I was thinking of someone had tried (and succeeded?) to access my account, then logged out of all current sessions. However, I did not get any suspicious prompt on my phone to authenticate an unusual log in (Like "Did you just logged in near location xxxxx?"), also no warning email from my registered email telling me about my account being accessed on an unrecognized browser or computer.

Tl;dr: Facebook account suddenly got logged out of all devices, password was not changed, logged in entries are gone, no email warning about account being compromised, no two-factor authentication prompt showed up.

My questions are:

  • Are there any chances that someone was successfully able to get into my account? If yes, then how could they bypass the two-factor authentication?

  • Is that incident normal or I should take security actions?

Thank you!

5 Answers

Teun Vink 10/01/2018.

Facebook reported a data leak today and forced a large number of accounts to log off as a precaution. Source: NY Times and Facebook.

That NYT article says "The company forced more than 90 million users to log out early Friday, a common safety measure taken when accounts have been compromised."

Additional article from The Hacker News - "unknown hacker or a group of hackers exploited a zero-day vulnerability in its social media platform that allowed them to steal secret access tokens for more than 50 million accounts" and "Facebook has already reset access tokens for nearly 50 million affected Facebook accounts and an additional 40 million accounts, as a precaution"

Beanluc 10/03/2018.

Are there any chances that someone was successfully able to get into my account? If yes, then how could they bypass the two-factor authentication?

If your account had 2fa, it seems unlikely that an attacker could use this exploit to get into it. But many Facebook users don't use 2-factor authentication.

Is that incident normal or I should take security actions?

Action has already been taken for you. Any old token you had is no longer valid, not for you and not for an attacker either. That's why you suddenly were unable to access Facebook without re-logging in again. The same thing is true of anyone who might have wanted to exploit a token which let them spoof as you - they too would have to re-authenticate. None of Facebook's statements suggest that they're able to authenticate as you as the result of this particular exploit or vulnerability. They also don't totally make it clear that Facebook did more than just reset tokens - if that were all that they did, all the attackers would have to do would be to start collecting tokens again. I assume that Facebook patched the vulnerability at the same time so that stolen tokens can't be abused again in the future.

R.. 09/29/2018.

This question is a great opportunity to point out that FB badly botched the handling of this. Being unexpectedly logged out and asked to login again looks just like phishing and it should be treated as such by users.

After invalidating session tokens, Facebook should have made the invalid ones redirect not to the main login page, but to a page explaining the breach and asking the user to click logout, then manually type facebook.com in their browser location bar and login again.

Laurence Payne 10/03/2018.

This was a precautionary measure, instigated by Facebook.

It reminds us of a very important point.

Facebook is a noticeboard. Don't put stuff on a noticeboard that you don't want people to see.

Remember that, and a lot of the 'security' worries go away. Not all of them, but a lot of them.

pytago 10/02/2018.

Are there any chances that someone was successfully able to get into my account? If yes, then how could they bypass the two-factor authentication?

Yes. They exploited a bug in Facebook's code. What they were able to see – nobody knows. We only know what Facebook reported, but do you trust this company to disclose all information?

Is that incident normal or I should take security actions?

You should consider deleting your account from sites that do not secure your data well enough. You'll have to weigh the benefits of being on this site versus the risk of another breach and the sensitivity of the data you send this company and everything they can guess from that. This might include your sexual orientation, your partners, affairs, financial situation, private chat messages...

HighResolutionMusic.com - Download Hi-Res Songs

1 Alan Walker

On My Way flac

Alan Walker. 2019. Writer: Alan Walker;Sabrina Carpenter;Farruko.

Here With Me flac

CHVRCHES. 2019. Writer: Steve Mac;Martin Doherty;Marshmello;Lauren Mayberry;Iain Cook.
3 5 Seconds Of Summer

Who Do You Love flac

5 Seconds Of Summer. 2019. Writer: Andrew Taggart;Talay Riley;Oak;Sean Douglas;Luke Hemmings;Calum Hood;Ashton Irwin;Michael Clifford;Trevorious;Zaire Koalo.
4 Bonn

No Sleep flac

Bonn. 2019. Writer: Albin Nedler;Bonn;Martin Garrix.
5 Avril Lavigne

Crush flac

Avril Lavigne. 2019. Writer: Johan Carlsson;Avril Lavigne;Zane Carney.
6 Katy Perry

365 flac

Katy Perry. 2019. Writer: Zedd;Katy Perry;Caroline Ailin;Corey Sanders;Daniel Davidsen;Cutfather;Peter Wallevik.
7 Alan Walker

Are You Lonely flac

Alan Walker. 2019.
8 Jonas Brothers

Sucker flac

Jonas Brothers. 2019. Writer: Kevin Jonas;Joe Jonas;Nick Jonas;Ryan Tedder;Louis Bell;Frank Dukes.
9 Brooks

Better When You're Gone flac

Brooks. 2019. Writer: David Guetta;Emma Lov Block;Ido Zmishlany;Jackson Foote;Jeremy Dussolliet;Brooks.
10 Dido

Hurricanes flac

Dido. 2019. Writer: Dido;Rick Nowels;Rollo Armstrong.

Happy flac

DEAMN. 2019.
12 Ariana Grande

Bloodline flac

Ariana Grande. 2019. Writer: ILYA;Max Martin;Savan Kotecha;Ariana Grande.

Rise flac

IZ*ONE. 2019.
14 Avril Lavigne

Dumb Blonde flac

Avril Lavigne. 2019. Writer: Mitch Allan;Bonnie McKee;Nicki Minaj;Avril Lavigne.
15 Little Big Town

Don't Threaten Me With A Good Time flac

Little Big Town. 2019. Writer: Thomas Rhett;Karen Fairchild;The Stereotypes;Jesse Frasure;Ashley Gorley.
16 Ariana Grande

Make Up flac

Ariana Grande. 2019. Writer: Brian Malik Baptiste;Tayla Parx;TBHits;Victoria Monét;Ariana Grande.
17 Dzeko

Halfway There flac

Dzeko. 2019.
18 Ariana Grande

Imagine flac

Ariana Grande. 2019. Writer: JProof;Priscilla Renea;Happy Perez;Andrew "Pop" Wansel;Ariana Grande.
19 Ariana Grande

NASA flac

Ariana Grande. 2019. Writer: Ariana Grande;Scootie;Tayla Parx;TBHits;Victoria Monét.
20 Ariana Grande

Thank U, Next flac

Ariana Grande. 2019. Writer: Crazy Mike;Scootie;Victoria Monét;Tayla Parx;TBHits;Ariana Grande.

Related questions

Hot questions


Popular Tags