
Facebook: Hackers did not use the leaked information of 50 million users to break into third-party sites

CGTN CGTN 2021-06-24


Zuckerberg has another headache.

 

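Less than a week after Facebook disclosed that 50 million user accounts may have been compromised by hackers, concern about the follow-on effects of the attack has grown. In recent days, some information security experts have raised a worry: the hackers who broke into users' Facebook accounts could also break into the third-party services and apps that those users log in to with their Facebook accounts.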

 

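After all, thousands upon thousands of users log in to third-party accounts with their Facebook accounts, and many of those apps, such as Uber and Instagram, may hold sensitive personal information. If hackers broke into users' accounts on these apps, the damage from the attack would worsen on a large scale.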

 

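The good news, however, is that Facebook says it has so far found no evidence that the hackers broke into third-party apps. Guy Rosen, Facebook's vice president of product management, said: "We studied all the third-party app logs for the period of the attack that we have identified. So far, the investigation has found no evidence that the attackers broke into any third-party apps that use Facebook Login."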

 

Of course, that is only the situation "so far." The investigation is continuing, and things could change at any time as Facebook learns more.


Facebook Inc said on Tuesday that investigators have determined that hackers did not access other sites that use the social networking site's single sign-on in a massive cyber attack that the company disclosed last week.


"We analyzed third-party access during the time of the attack we have identified. That investigation has found no evidence that the attackers accessed any apps using Facebook Login," said Guy Rosen, a Facebook vice president overseeing security, in a statement sent to Reuters.


The announcement comes after Facebook last week disclosed its worst-ever security breach, saying hackers had stolen login codes that allowed them to access nearly 50 million Facebook accounts.


Rosen had warned on a Friday conference call that the hackers could have also accessed third-party websites and apps that allow them to access users' accounts using Facebook logins.


Some security experts, including a former Facebook executive, said the company may have painted a dire, worst-case scenario when it disclosed the attack on Friday to ensure compliance with strict new European Union privacy rules that took effect in late May.


Mark Zuckerberg, chief executive officer and co-founder of Facebook Inc. /VCG Photo


The EU's General Data Protection Regulation, or GDPR, imposes steep penalties if companies fail to follow rules that include a requirement that they disclose breaches within 72 hours of discovery. That is a tight window that security experts say does not give investigators adequate time to determine the impact of the breach.


"Interesting impact of the GDPR 72-hour deadline: Companies announcing breaches before investigations are complete," former senior Facebook Chief Information Security Officer Alex Stamos said in a tweet.


The result is that "everybody is confused on actual impact, lots of rumors," he tweeted, adding that "a month later, the truth is included in the official filing."


The social networking company's initial warning that the attackers may have accessed external accounts using Facebook Login was alarming because more than 42,000 websites use the service, according to estimates from researchers with the University of Illinois at Chicago.


The warnings prompted some sites to launch their own investigations amid concern the attack could reverberate across the internet.


UK-based travel site SkyScanner and IKEA Group's TaskRabbit, which provides home repairs and furniture assembly, said they would probe the potential impact on their customers.


Ride-hailing service Uber Technologies Inc said it has closed active sessions using Facebook login credentials as it investigated the matter.

