At the end of September, Facebook admitted that attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users.
According to the company, the vulnerability is the result of the chaining of three flaws affecting the “View As” feature and Facebook’s video uploader.
Facebook clarified that the version of the video uploader interface affected by the flaw was introduced in July 2017.
On Monday, Japan’s Personal Information Protection Commission ordered a further investigation of the data breach and asked the company to implement preventive security measures.
This is the first time that the commission has issued warnings to the social network giant after it has conducted an investigation along with British authorities.
According to government spokesman Yoshihide Suga, Facebook told Japanese authorities that the recent data breach also included Japanese users.
The commission also ordered the company to improve communication with users being more transparent of the way it manages their data and promptly responding to request for deleting accounts.
Another incident involving the company that affected up to 100,000 Japanese users was the Cambridge Analytica privacy scandal that affected 87 Million users.
“It is the first time that the commission, which investigated the data leak with British authorities, has issued warnings to Facebook,” an official told AFP.
Facebook added to be committed to “promptly inform users if the platform was inappropriately used and cooperate with the commission and other countries’ regulators” on its website.
(Security Affairs – social network, cybersecurity)