NEW YORK (AP) — Facebook reported a major security breach in which 50 million user accounts were accessed by unknown attackers.

The attackers gained the ability to "seize control" of those user accounts, Facebook said, by stealing digital keys the company users to keep users logged in. Facebook has logged out the 50 million breached users — plus another 40 million who were vulnerable to the attack. Users don't need to change their Facebook passwords, it said.

Facebook said it doesn't know who was behind the attacks or where they're based. In a call with reporters on Friday, CEO Mark Zuckerberg said that attackers would have had the ability to view private messages or post on someone's account, but there's no sign that they did.

"We do not yet know if any of the accounts were actually misused," Zuckerberg said.

The hack is the latest setback for Facebook during a tumultuous year of security problems and privacy issues . So far, though, none have significantly shaken the confidence of the company's 2 billion global users.