On Friday, September 28, 2018, Facebook notified users of a massive data breach affecting some 50+ million accounts, although the breach actually had occurred a few days earlier on Wednesday afternoon.
Q: Was My Account Impacted?
A: If your account was impacted two things will have happened. First, your account would have been logged out on all your devices, forcing you to log back in with your email address and password. Secondly, you will see an alert at the top of your News Feed explaining what happened. Some accounts also may have been logged out even if they weren't affected, simply as a precautionary measure.
Q: What Happened and Has Facebook Fixed It?
A: Hackers exploited a vulnerability in Facebook's code related to the "View As" feature, which allows users to see what their profile looks like to others. The flaw allowed the hackers to steal security tokens that allow an account to stay logged in, and then use those to view various elements of that account, including private posts, and potentially take over the account itself. Facebook says they've fixed the flaw in their code, but have also taken the View As feature offline for the time being.
Q: What Can I Do To Secure My Account?
A: Although Facebook says there's no need to change your password, there's also no harm in doing so. Even if you don't think you've been impacted, you may also want to manually log yourself out of Facebook by going to Settings, Security and Logins, then under Where You're Logged In click the ellipsis (three dots) and then click Log Out.