A developer by the name of Gareth Wright has recently stumbled across a security flaw on the Facebook app for iOS and Android that could give hackers a way to access your Facebook account and cause quite a bit of mess. According to Wright, the flaw is based on how Facebook does not encrypt the user’s login credentials and are stored in plain text files. He notes that while it does not actually spell out the user’s login and password, a hacker through a USB connection or a specially tailored app could potentially identify the credentials and ultimately gain access to your Facebook profile.
The scale of this problem is magnified by apps or games that use Facebook’s login information to link a user’s Facebook account to its services. iOS and Android users are probably familiar with the “Login with Facebook” option some apps present as an option for new users, or to allow users to post photos or game stats onto Facebook directly via their app. Wright mentioned that he contacted Facebook regarding the issue and has apparently received word that a fix is in the works.