And just when you thought social media issues has calmed down…

New Facebook Hack

Facebook noticed odd activity on September 14, 2018 and had the issue resolved on September 27. On September 28, Facebook went public regarding the issue and the number of users affected. As a precautionary measure, Facebook automatically logged out out 90 million users. This is the worst Facebook hack to date. 

What Happened?

Cyber criminals found loopholes in the code associated with the “View As” feature which allowed them to steal access tokens which granted them access to stay logged into various accounts. This hack exposed a plethora of sensitive information, including but not limited to: username, gender, language, relationship status, hometown, current city, birthday, device types used to access Facebook, education, employment, recently visited places, websites, and also people or Pages they follow. In addition, hackers also accessed up to 15 most recent searches per compromised account. This allows hackers to compile information to either create faux, duplicate accounts of real people, or allow them to sell sensitive information on the black market for top dollar.

How Can I Prevent This?

Here’s a list of the top ways you can combat social media fraud:

  1. Don’t login to your accounts on public computers or public internet sources.
  2. Don’t have a “public” account. Check your privacy settings to make sure only your friends can view your information.
  3. “Hide” sensitive information within your privacy settings, such as hiding your birthday and hometown from even approved friends.
  4. Don’t use your social media accounts daily.
  5. Delete social media accounts completely, or at least deactivate ones you don’t check regularly.
  6. Delete old accounts whenever possible.
  7. Don’t overly share information on social media. If you are scared of a hacker stealing photos of your children, then don’t post about your kids!
  8. Remember that anything on the internet is stored somewhere in some way. Nothing is “secret,” even if intended for only one person’s eyes.
  9. Change your password often. If you have had the same password for years, it’s time to change it!
  10. Don’t use the same password and username for multiple accounts.
  11. Log out of your accounts after each use.
  12. Don’t explicitly type out login information and store it online. Example: Don’t email your spouse your username and password together.
  13. Utilize a password keeper like Zoho Vault instead of listing logins on a Google Sheet.

Was Your Account Involved?

Facebook created a help page for users to automatically check on the status of the account, as well as individually notified those impacted. You can click here to read more. 


On a lighter note, FortisPay is dedicated to fighting fraud as well as ensuring it doesn’t occur in the first place. If you’re experiencing fraud at your property, click the button below!

Want weekly blog and social media updates from FortisPay? Opt-in to our newsletter:

Follow us on Facebook, Instagram, and Twitter @FortisPay