Meta Reportedly Fires Dozens of Employees for Hijacking Users’ Facebook and Instagram Accounts

News

Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday.

Some of these cases involved bribery, the publication said, citing sources and documents.

Included among those fired were contractors who worked as security guards at the social media firm’s facilities and were given access to an internal tool that allowed employees to help “users they know” gain access to accounts after forgetting their passwords, or had their accounts locked out.

The system, called “Oops” and short for Online Operations, is off limits to a vast majority of the platform’s users, leading to the rise of a “cottage industry of intermediaries” who charge users thousands of dollars and reach out to insiders who are willing to reset the accounts.

“You really have to have someone on the inside who will actually do it,” an owner of a content creator platform was quoted as saying.

According to the Journal, the alternative to Meta’s automated account recovery process, which is limited to employees and their friends and family, business partners, and public figures, is estimated to have processed around 50,270 reports in 2020, up from 22,000 in 2017.

Given the limited access to the tool, it’s not surprising that a black market of sorts has sprung up to service users who have lost access to their accounts.

In one instance, a former security contractor purportedly assisted unnamed third-parties to fraudulently take over Instagram accounts. The individual claimed he was tricked into filing Oops reports to reset the affected accounts in question.

Another case involved a contractor who was fired after an internal investigation found that she reset multiple user accounts on behalf of hackers in return for receiving Bitcoin payments for her services.

Meta told the Journal that buying or selling accounts or paying for an account recovery service is a violation of the social network’s terms of service.

Products You May Like

Articles You May Like

CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs
‘Black Proxies’ Enable Threat Actors to Conduct Malicious Activity
Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022
Let’s Make Security Easy
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

Leave a Reply

Your email address will not be published. Required fields are marked *