Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night. Facebook said it has taken steps to fix the security problem and alerted law enforcement.
Guy Rosen, vice-president of product management, said the company's investigation is "early and it's hard to determine exactly who is behind this and we may never know".
Facebook said that the attack impacted the "view as" feature and allowed the attackers to steal Facebook access tokens that could be used to take over people's accounts.More news: North Korea slams continued USA sanctions
Facebook is also turning off the View As feature until a security review is completed. Facebook also took the precaution to reset access tokens of an additional 40 million accounts for those users who used the "View As" feature in the past year. These users will have to log into their Facebook account and change their passwords immediately.
Those keys let the hackers unlock access to people's accounts.
Facebook has 2.23 billion users globally. Finally, the company has yet to identify the hackers, and it says that it does not know if any personal information was stolen in the process.
The company said attackers were able to exploit a vulnerability in a feature known as "View As" to gain control of people's accounts.More news: Manchester United lose 3-1 to West Ham to deepen Mourinho woes
Facebook's confirmation says that almost 50 million accounts were directly affected by the hack. Those details, according to Facebook, are still under investigation.
We'll update this post as we get more information, but in the meantime it's probably a good idea to change your Facebook password and check your security settings just in case.
"We're taking this incredibly seriously and wanted to let everyone know what's happened and the immediate action we've taken to protect people's security", Rosen said. As a result, almost 90 million people now have to log back into Facebook or any of the official app of the company. Given how Facebook spreads itself out over third-party applications, such as its log-on feature, this number is expected to reach much higher, however this remains speculation for the time being.More news: Google Set To Unveil Pixel 3 Smartphones On October 9th