What happened on Facebook?

On the afternoon of Tuesday, September 25, Facebook’s engineering team discovered a security issue. The team fixed the vulnerability and took the precautionary step of resetting the access tokens of anyone who might have been affected.

Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.

What does this mean for Workplace?

For most Workplace accounts, nothing. Workplace is set up differently than Facebook, and most accounts don’t use the access tokens that could have been affected by this vulnerability.

However, during the beta phase of Workplace, prior to the summer of 2016, Workplace included a feature that allowed people to link their personal Facebook and Workplace accounts. Linked accounts from this period could have been affected by this issue.

All of those accounts were protected when we reset affected access tokens last week.

If you joined Workplace after summer 2016, your Workplace account was not affected.

If you joined before summer 2016 and chose to link your accounts, but then enabled Single Sign-On, your Workplace account was not affected.

If you joined before summer 2016, linked your personal Facebook and Workplace accounts, have not enabled Single Sign-On, and had your access tokens reset in connection with this issue, it is possible that your Workplace account could also have been affected, but it has now been protected.

I’m a customer – what should I do next?

No further action needs to be taken by Workplace customers.

Your security remains our top priority, which is why our compliance certificates include ISO 27001, SOC2, SOC3 and the EU/US Privacy Shield.

For the latest information, check out the official Facebook Newsroom post. If you’re a customer with more questions, please reach out to our Customer Support team.

What's next

Read more Product updates

Why ADP and Workplace are Better Together

Workplace and ADP now integrate. And it’s boosting productivity by providing convenient access to your HR and pay information. We talk to Ari Osur, VP Marketing, ADP Ventures to find out more.

Read more Product updates

Using Workplace Groups to take control of collaboration

Create a private space to discuss projects, manage information and securely share documents with people and teams.