The National Privacy Commission (NPC) headed by Commissioner Raymund E. Liboro on Saturday, September 29, asked all Filipinos that has Facebook accounts to enable multi-factor authentication.
Liboro made this advice after receiving information from the social networking giant about the attack on facebook compromising around 50 million users.
He said the NPC has prescribed breach management procedures in place and expects Facebook to abide by these rules.
“The NPC shall notify the public about developments and its actions on this matter. To protect themselves, all Facebook users must enable multi-factor authentication on all platforms, employ strong passwords, and practice good digital hygiene,” said Liboro in a statement sent to journalists.
Here’s the full NPC statement:
At around 12:49 AM of September 28, we received informal notice from Facebook representatives that they had found a vulnerability in their app that was exploited by malicious attackers.
Facebook claims that the vulnerability affected around fifty million users, exposing personal data stored in their Facebook profiles.
ALSO READ: Huazhu Group customers’ data offered for sale on Dark Web for 8 Bitcoin
The vulnerability was attributed to a combination of several programming errors in updates made in July 2017. As a result, malicious intruders were able to generate access tokens.
These access tokens allowed the intruders to log into affected FB profiles as if they were the actual profile holders. This means they had the ability to access data reserved for account holders even without having to enter the user’s password.
As a remediation measure, FB terminated the sessions of persons it identified as having been affected and had them enter their login credentials again. This morning, the company has notified affected users of the incident. We have informed Facebook, however, that the notification it sent to individuals leaves much to be desired.
ALSO READ: Teen hackers become business owners
According to the company’s representatives, the investigation is still in its early stages. They have not determined yet how many Filipinos are affected and whether misuse of personal information had resulted from this breach.
The NPC has prescribed breach management procedures in place and we expect Facebook to abide by these rules.
The NPC shall notify the public about developments and its actions on this matter. To protect themselves, all Facebook users must enable multi-factor authentication on all platforms, employ strong passwords, and practice good digital hygiene. (NPC)
 asked all Filipinos that has facebook account to enable the multifactor authentication.){kind=link}