Facebook was aware of the security risks of the login tokens that caused a major data breach last year. This is apparent from documents held by Reuters . 30 million users were affected by the data breach.
The company was sued by a number of users after the leak and now documents from that lawsuit show that Facebook has warned its own staff of the risks, but not its users.
With the login tokens, users could log in to different services, without having to enter a new password each time. A vulnerability allowed hackers to steal login tokens and use them to take over user accounts.
The warning to the company's own staff shows that Facebook was aware of the risks of the login system. However, no steps have been taken to make the system more secure.
Research is still being done into the data breach. It soon became known that fewer than five million European users were affected.
See also: The Facebook scandals of last year in a row