The #Facebook account breach extends way beyond the site itself. The compromise of access tokens means the FB SSO (Single Sign-On) mechanism was also vulnerable, meaning users' accounts on third-party sites implementing the FB SSO system may have also been compromised. https://www.wired.com/story/facebook-security-breach-third-party-sites/