Meta Reportedly Fires Dozens of Employees for Hijacking Users’ Facebook and Instagram Accounts

News

Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday.

Some of these cases involved bribery, the publication said, citing sources and documents.

Included among those fired were contractors who worked as security guards at the social media firm’s facilities and were given access to an internal tool that allowed employees to help “users they know” gain access to accounts after forgetting their passwords, or had their accounts locked out.

The system, called “Oops” and short for Online Operations, is off limits to a vast majority of the platform’s users, leading to the rise of a “cottage industry of intermediaries” who charge users thousands of dollars and reach out to insiders who were willing to reset the accounts.

“You really have to have someone on the inside who will actually do it,” an owner of a content creator platform was quoted as saying.

According to the Journal, the alternative to Meta’s automatedaccount recovery process, which is limited to employees and their friends and family, business partners, and public figures, is estimated to have processed around 50,270 reports in 2020, up from 22,000 in 2017.

Given the limited access to the tool, it’s not surprising that a black market of sorts has sprung up to service users who have lost access to their accounts.

In one instance, a former security contractor purportedly assisted unnamed third-parties to fraudulently take over Instagram accounts. The individual claimed he was tricked into filing Oops reports to reset the affected accounts in question.

Another case involved a contractor who was fired after an internal investigation found that she reset multiple user accounts on behalf of hackers in return for receiving Bitcoin payments for her services.

Meta told the Journal that buying or selling accounts or paying for an account recovery service is a violation of the social network’s terms of service.

Products You May Like

Articles You May Like

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
10 Most Impactful PAM Use Cases for Enhancing Organizational Security
Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

Leave a Reply

Your email address will not be published. Required fields are marked *