Facebook announced Friday that earlier this week, "attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts."
Ed Mierzwinski, the senior director of U.S. PIRG's consumer program, said:
Early reports of yet another big breach, this one where hackers apparently exploited Facebook vulnerabilities to expose the data of 50 million users, are very troubling. It's yet another warning that Congress must not enact any national data security or data breach legislation that weakens current state privacy laws, preempts the rights of states to pass new laws that protect their consumers better, or denies their attorneys general rights to investigate violations of or enforce those laws.