Facebook announced that 50 million accounts were affected in a cyberattack that comprised login information.

According to a news release that the social media giant released on Friday, hackers exploited a vulnerability in Facebook’s code that allowed them to steal Facebook access tokens – the things that let its users stay logged on indefinitely – via the “View As” feature, which allows users to see what their profile looks like to other users.

Facebook, which is a popular marketing tool among real estate agents and loan officers, says it shored up the gap in its coding and called in law enforcement, in addition to resetting the access tokens on the 50 million accounts comprised and another 40 million accounts that the company deemed at risk of attack.

Facebook explained that the “View As” function will be disabled as it mulls over its mistakes in a thorough security review.

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. We also don’t know who’s behind these attacks or where they’re based,” Guy Rosen, vice president of product management, said in the statement.

"We’re working hard to better understand these details — and we will update this post when we have more information, or if the facts change. In addition, if we find more affected accounts, we will immediately reset their access tokens,” he added.

It’s been a tough year for Facebook, fraught with controversy and security concerns, and Founder and CEO Mark Zuckerberg is going to have his hands full navigating his company's new cybersecurity faux pas.