NEW YORK (Reuters) – Facebook Inc (FB.O) said on Tuesday that investigators have determined that hackers did not access other sites that use the social networking site’s single sign-on in a massive cyber attack that the company disclosed last week.
FILE PHOTO: A 3D-printed Facebook logo is seen in front of displayed binary digits in this illustration taken March 18, 2018. REUTERS/Dado Ruvic/Illustration/File Photo
“We analyzed third-party access during the time of the attack we have identified. That investigation has found no evidence that the attackers accessed any apps using Facebook Login,” said Guy Rosen, a Facebook vice president overseeing security, in a statement sent to Reuters.
The announcement comes after Facebook last week disclosed its worst-ever security breach, saying hackers had stolen login codes that allowed them to access nearly 50 million Facebook accounts.
Rosen warned on a Friday conference call that the hackers could have also accessed third-party websites and apps that allow uses to access their accounts using Facebook logins.
Security researchers with the University of Illinois at Chicago estimate that more than 42,000 websites allow customers to access their accounts with Facebook Login, an estimate that prompted concern the attack on the social networking site could reverberate across the internet.
Sites that use Facebook Login told Reuters that they had not identified any signs that their users had been breached.
UK-based travel site SkyScanner and IKEA Group’s TaskRabbit site, which provides home repairs and furniture assembly, said they were investigating the potential impact on customers.
Ride-hailing giant Uber said it has closed active sessions using Facebook login credentials as it investigated the matter.
Facebook shares closed down 1.9 percent at $159.33 on Tuesday, in a third straight session of declines.
Reporting by Jim Finkle and Angela Moon in New York; editing by Jonathan Oatis and Leslie Adler