Facebook’s recent string of management disasters continued with the social networking giant reporting a major hack on Friday that affected up to 50 million people.

CEO Mark Zuckerberg said in a call with reporters the company “patched the issue last night and are taking precautionary measures” to avoid any further damage.

The hackers were able to steal from 50 million accounts, so-called access tokens used to keep people logged into Facebook so they don’t have to constantly re-enter their passwords, explained Facebook vice president of product management Guy Rosen. With the access tokens, hackers could take control of a person’s account, effectively allowing them to do things like read personal messages, post comments, and share information with other users.

The attack is different from Facebook’s Cambridge Analytica scandal, in which an academic researcher built an app that gleaned information from Facebook, and then gave the data to a political consulting firm, violating Facebook’s policies. Although Cambridge Analytica employees were alleged to have used Facebook user data to send people personalized messages to influence their political beliefs, the firm never actually controlled Facebook user accounts without their knowledge.