Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.

Facebook Third Party Apps (Probably) Leaked Your Info

This article is over 13 years old and may contain outdated information
image

Looks like it’s time to change your password …

OK, let’s get this out of the way: Facebook likes to share your information, probably more so than you’re comfortable with. However, the information sharing has unintentionally hit a new high (or is it a new low?), thanks to a slew of third-party apps leaking access tokens.

According to Symantec: As of April 2011, as many as 100,000 Facebook apps may have allowed user access to be leaked:

Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.

Access tokens are like ‘spare keys’ granted by you to the Facebook application. Applications can use these tokens or keys to perform certain actions on behalf of the user or to access the user’s profile. Each token or ‘spare key’ is associated with a select set of permissions, like reading your wall, accessing your friend’s profile, posting to your wall, etc.

Symantec reported this issue to Facebook, which corrected the problem. While that sounds fine and dandy, the problem is that the correction doesn’t work retroactively. Priorly-leaked tokens are still potentially damaging because they could provide access to your account. Unfortunately, there isn’t a list of apps that leaked the information, so it’s tough to know who was affected by the data leak.

However, the solution is pretty simple: Change your password. According to Symantec, changing your password is like changing the lock on your front door; old keys won’t work anymore. So, if you’ve got a ton of third-party apps linked to your Facebook account, this seems like a smart move.

Source: Symantec via Geek

Recommended Videos

The Escapist is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy