(Reuters) – Facebook (FB.O) users suing the world’s largest social media network over a 2018 data breach say it failed to warn them about risks tied to its single sign-on tool, even though it protected its employees, a court filing on Thursday showed.

FILE PHOTO: A Facebook logo on an Ipad is reflected among source code on the LCD screen of a computer, in this photo illustration taken in Sarajevo June 18, 2014. REUTERS/Dado Ruvic/File Photo

Single sign-on connects users to third-party social apps and services using their Facebook credentials.

The lawsuit, which combined several legal actions, stems from Facebook Inc’s worst-ever security breach in September, when hackers stole login codes – or “access tokens” – that allowed them to access nearly 29 million accounts.

“Facebook knew about the access token vulnerability and failed to fix it for years, despite that knowledge,” the plaintiffs said in a heavily redacted section of the filing in the U.S. District Court for the Northern District of California in San Francisco….

Click to continue reading on its source location…

Source: http://feeds.reuters.com/~r/reuters/businessNews/~3/MunDmK4TqH8/facebook-failed-to-warn-users-of-known-risks-before-2018-breach-court-filing-idUSKCN1V600N