Earleir today, Facebook announced that around 50 million accounts had been compromised. According to Facebook -
Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.
Facebook says they have reset the tokens of compromised accounts, which will force users to log in again, and should resolve the problem.
I personally do not trust Facebook with my data, for several reasons. First, I don't trust what Facebook themselves do with our data. Facebook only cares about making money with your data, and never thinks about the morality of what they do with that data.
This security breach illustrates the other potential issue I see with Facebook, and that's the security around individual's data. If you're pessimistic about Facebook, they are mining all of our data for profit, and that's all they care about. If you're optimistic about Facebook, then they care about connecting people. Either way, it's been pretty clear that security is not a priority.
This couldn't be made more clear than it was during the 2016 when foreign state actors used Facebook and others to manipulate the presidential election.
Part of me wonders if this is part of a data mining effort by a nation state, gearing up for another round of targeted political attacks for this November.
For instructions on how to delete your Facebook account entirely, rather than just suspending it, check out this article from the Verge.