Report: Facebook bug revealed employees' identities to suspected terrorist groups

Report: Facebook bug revealed employees' identities to suspected terrorist groups

A software bug exposed the identities of more than 1,000 Facebook moderators to users of the site who belonged to groups being monitored for posting inappropriate content, including promoting terrorism or hate speech, according to a report from the Guardian.

The security breach sent at least one person, a contractor for Facebook’s counterterrorism department, into hiding after having his identity revealed to users associated with an Egyptian-based terror group.

The man, who asked the Guardian not to identify him, said that he filed a legal claim against Facebook and the contractor, Cpl Recruitment, for psychological damage inflicted by the security breach.

A Facebook spokesman confirmed the incident to the Guardian and said it had made technical changes to fix the glitch.

ADVERTISEMENT
“We care deeply about keeping everyone who works for Facebook safe,” the spokesman said. “As soon as we learned about the issue, we fixed it and began a thorough investigation to learn as much as possible about what happened.”

The bug caused the content moderators’ profiles to show up in the activity logs of groups that had members removed for violating Facebook’s content policies.

The man who went into hiding said that Facebook had not done enough to address the security failure.

“Keep in mind that when the person sees your name on the list, it was in their activity log, which contains a lot of information,” Facebook’s head of global investigations, Craig D’Souza, wrote in an email exchange obtained by the Guardian, “there is a good chance that they associate you with another admin of the group or a hacker.”

“I understand Craig, but this is taking chances,” the unidentified man replied. “I’m not waiting for a pipe bomb to be mailed to my address until Facebook does something about it.”