Last week's Facebook breach just got a lot worse.
The Guardian reported that on Friday, the social media company said a vulnerability allows attackers to steal "tokens" or automated log-in credentials.
These "tokens" can make it easier for attackers to log into other apps on phones like Spotify, Pinterest and Yelp. The Guardian reported the flaw had been present since July 2017 and was discovered in September after Facebook engineers saw unusual login activity.
The New York Times said researchers think the damage from the breach could extend beyond Facebook's borders.
Read more from the Guardian: Huge Facebook breach leaves thousands of other apps vulnerable
The breach, discovered Sept. 25, exploited a feature in Facebook's code that allowed them to take over user accounts. Facebook said nearly 50 million users were breached.
Around 90 million people were logged out of their Facebook accounts Friday morning after the breach was discovered.
Facebook says it is in the early stages of the breach investigation and has not yet identified attackers. It does not know the origin of the attack.
►Make it easy to keep up-to-date with more stories like this. Download the 10News app now.
Have a news tip? Email desk@wtsp.com, or visit our Facebook page or Twitter feed.
