There is no evidence that attackers who potentially compromised 90 million Facebook accounts accessed any apps using Facebook Login, the company said in a statement.
This follows a notice from Facebook last week which said that its engineering team discovered a security breach that affected almost 5o million accounts which had their access tokens stolen.
Access tokens are the equivalent of digital keys, Facebook explained.
Facebook has since said that in addition to the 50 million accounts that had access tokens stolen, there were 40 million that were subject to a “View As” look-up in the last year.
The company reset the affected access tokens to protect the security of people’s accounts. This meant they had to log back in to Facebook, and any of their apps that use Facebook Login.
“We’ve had questions about what exactly this attack means for the apps using Facebook Login,” the company said.
“We have now analysed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login.”