Facebook on Tuesday said it's found no evidence that the hackers responsible for last week's massive security breach accessed third-party apps via Facebook Login.
The hackers responsible for the breach, which impacted at least 50 million Facebook users, exploited a vulnerability in Facebook's code to steal access tokens -- digital keys that are used to keep users logged in when they enter their username and password.
After the breach, Facebook reset the tokens for 90 million accounts, prompting those users to log back in to Facebook, as well as back into any apps that use Facebook Login.
Also: How political campaigns use big data to get out the vote TechRepublic
In a blog post, Facebook's VP of Product Management Guy Rosen said the company has now analyzed its logs for all third-party apps installed or logged during the attack. There's no evidence so far of breached third-party apps, he said.
Now that Facebook has reset the tokens, third-party developers should be in the clear -- as long as they were using Facebook's official SDKs and regularly checked the validity of their users' access tokens. But to be sure the issue is resolved for everyone, Facebook is building a tool to enable developers to manually identify any of their users who may have been affected, so they can log them out.
Previous and related coverage:
The Voatz app is designed for troops serving abroad and uses blockchain tech.
Facebook is planning to establish a physical "war room" designed to bring staff together to find and destroy attempts to meddle with upcoming elections.
Claiming a win over Russian plans to hack US politicians, Microsoft unveils a new security service to detect attacks expected in the lead-up to the midterms.
And nearly all of them are up for re-election later this year.