More Than a Million Facebook Usernames and Passwords Stolen with Third-Party Apps

James Andersen


blog image

Logging in to third-party apps with your Facebook credentials is convenient, but at the same time, it is risky. According to the latest report by Meta, over 1 million logins and passwords have been compromised recently because of third-party apps. Disguising themselves as regular apps and games, they have been designed specifically for stealing credentials.

Among over 400 apps caught at such an inappropriate behavior, about 42% were photo editors. Of course, everyone likes to have their faces on pictures on social media filtered and beautified, but this may cost you. As soon as you authorize on Facebook with such an app to post your edited picture there, your data gets stolen. Among other categories, there are games, productivity apps, and health trackers. All of these categories have lots of decent apps, so the reason why users have installed these malicious ones may be pure curiosity or the ads that offered for free the abilities that other apps offer for money.

Users affected by this issue have received a warning prompting them to change your passwords as soon as possible. In addition, they are recommended to take extra measures for strengthening their security, like enabling two-factor authentication.

As for the culprit apps, they are gradually deleted from app stores. Google is reporting to have deleted all the apps in question from Play Store. As for Apple, the company has so far removed 45 of them from App Store, others being examined. Still, Android users may download apps from third-party sources Alphabet cannot control. If you like to download and install apps from alternative sources, it’s a reason to be even more careful now.

Have you been affected by this issue and sent the notification? Do you often install apps from independent stores, and if so, how do you protect your data with them? We’d like to read your stories and recommendations in the comments!