Facebook has suffered an attack that exposed 50 million people's personal accounts, the company has admitted.

A vulnerability in the social network's code meant that hackers could take over people's log-ins and see their most private information, the company said. It said that it was sorry the potential breach had occurred.

The issue related to the "view as" tool, which allows people to see their own profiles as they would look to other people. By exploiting that, hackers could steal the "access token" that keeps people's accounts safe and then break into them, Facebook said.

How to stop Facebook from revealing everything about you Show all 9 1 /9 How to stop Facebook from revealing everything about you How to stop Facebook from revealing everything about you Lock your profile down If you haven’t done this already, do it now. In Settings, hit the Privacy tab. From here, you can control who gets to see your future posts and friends list. Choose from Public, Friends, Only Me and Custom in the dropdown menu. How to stop Facebook from revealing everything about you Limit old posts Annoyingly, changing this has no effect on who’s able to see your past Facebook posts. Instead, on the Privacy page, you have to click on Limit Past Posts, then select Limit Old Posts and finally hit Confirm on the pop-up. How to stop Facebook from revealing everything about you Make yourself harder to find You can stop completely random people from adding you by selecting Friends of Friends from the dropdown menu in the Who can send you friend requests? section of the Privacy page. It’s also worth limiting who can find your Facebook profile with your number and email address. At the bottom of the page is the option to prevent search engines outside of Facebook from linking to your profile. How to stop Facebook from revealing everything about you Control access to your Timeline You can limit who gets to post things on your Timeline and who gets to see posts on your Timeline too. In Settings, go to Timeline and Tagging and edit the sections you want to lock down. How to stop Facebook from revealing everything about you Block people When you block someone, they won’t be able to see things you post on your Timeline, tag you, invite you to events or groups, start conversations with you or add you as a friend. To do it, go to Settings and Blocking. Annoyingly, you have to block people on Messenger separately. You can also add friends to your Restricted list here, which means they’ll still be friends with you but will only be able to see your public posts and things you share on a mutual friend's Timeline. How to stop Facebook from revealing everything about you Review tags One of Facebook’s handiest privacy features is the ability to review posts you’re tagged in before they appear on your Timeline. They’ll still be visible on the News Feed while they’re fresh, but won’t be tied to your profile forever. In Timeline and Tagging, enable Timeline review controls. How to stop Facebook from revealing everything about you Clean up your apps You can view a list of all of the apps you’ve connected to your Facebook account by going to Settings and Apps. The list might be longer than you expected it to be. It’s worth tidying this up to ensure things you no longer use lose access to your personal information. If you don’t want to log into websites and apps with your facebook account, scroll down and turn Platform off. How to stop Facebook from revealing everything about you Change your ad preferences You can view a list of everything Facebook thinks you’re into and tinker with your ad preferences by going to Settings and Adverts. A lot more information is displayed on the desktop site than the app, so we’d recommend doing this on a computer. How to stop Facebook from revealing everything about you Download your data Facebook lets you download all of the data it has on you, including the posts you’ve shared, your messages and photos, ads you’ve clicked on and even the IP addresses that are logged when you log in or out of the site. It’s a hell of a lot of information, which you should download to ensure you never over-share on the social network again.

The company found the flaw on Tuesday and has only just begun its investigation, it said, meaning that it cannot say how the bug was used and who by. It did not say whether it knew who had been affected by the hack.

Anyone whose account was compromised is likely to be informed as Facebook continues its investigation. There is little that anyone can do apart from checking that an account does not appear to have been used by somebody else, and while it is good practise to change passwords regularly, that will not undo the effects of this attack.

Facebook said that law enforcement was informed and the bug had been patched. It had also completely turned off the "view as" feature for now and would reset those security codes so that anyone who broke in to an account would now be kicked out.

That will mean that some 90 million people – the 50 million people thought to be affected, as well as further 40 million who were subject to a "view as" request in the last year – will be kicked out of their accounts and will have to log back in. Having to do that does not necessarily mean that anyone has seen inside your account.

Facebook did suggest that more people could be found to have been potentially affected, and that it was continuing its investigation.

"Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed," Guy Rosen, its vice president of product management, wrote in a blogpost.

"We also don’t know who’s behind these attacks or where they’re based. We’re working hard to better understand these details – and we will update this post when we have more information, or if the facts change. In addition, if we find more affected accounts, we will immediately reset their access tokens."

The attack came about because of a "complex interaction of multiple issues in our code", Facebook said. It gave few details about how it would have been exploited, beyond the fact that it relied on the "view as" feature and that it "stemmed from a change we made to our video uploading feature in July 2017" that affected that tool.

"People’s privacy and security is incredibly important, and we’re sorry this happened," Mr Rosen wrote in the post. "It’s why we’ve taken immediate action to secure these accounts and let users know what happened."

European data protection regulation means that Facebook is forced to make such potential breaches public as soon as they happen or face huge fines.

Mark Zuckerberg on Cambridge Analytica: 'I'm really sorry'

It is just the latest security issue to hit the site. In April, for instance, it said that malicious actors were using its search tool to harvest information about most of its two billion users.

And last month its former security chief warned that it was already too late to stop the site being used to interfere with the upcoming midterm elections.