Meta Reportedly Fires Dozens of Employees for Hijacking Users’ Facebook and Instagram Accounts
Meta is the new hype these days. Education, the fashion industry etc are stepping into this world. But the new world i e, Meta is not safe from cyberattacks. Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday.
Some of these cases involved bribery, the publication said, citing sources and documents. Included among those fired were contractors who worked as security guards at the social media firm’s facilities and were given access to an internal tool that allowed employees to help “users they know” gain access to accounts after forgetting their passwords, or had their accounts locked out.
The system, called “Oops” and short for Online Operations, is off limits to a vast majority of the platform’s users, leading to the rise of a “cottage industry of intermediaries” who charge users thousands of dollars and reach out to insiders who were willing to reset the accounts.
According to the Journal, the alternative to Meta’s automated account recovery process, which is limited to employees and their friends and family, business partners, and public figures, is estimated to have processed around 50,270 reports in 2020, up from 22,000 in 2017.
Given the limited access to the tool, it’s not surprising that a black market of sorts has sprung up to service users who have lost access to their accounts.
In one instance, a former security contractor purportedly assisted unnamed third-parties to fraudulently take over Instagram accounts. The individual claimed he was tricked into filing Oops reports to reset the affected accounts in question.
Another case involved a contractor who was fired after an internal investigation found that she reset multiple user accounts on behalf of hackers in return for receiving Bitcoin payments for her services.
Meta told the Journal that buying or selling accounts or paying for an account recovery service is a violation of the social network’s terms of service.