Thursday, November 17, 2022

Meta reportedly accused dozens of workers of improperly accessing users' accounts — in some cases in return for payments of thousands of dollars
Getty Images

Meta fired dozens of workers after accusing them of accessing user's accounts without authorization, the WSJ reports.
 
Those fired allegedly took advantage of 'Oops,' an internal tool meant to allow exclusive access to Facebook accounts.

Some of the fired workers denied the accusations on the basis of coercion and lack of awareness.

Meta fired dozens of workers after accusing them of taking advantage of an internal tool to access Facebook user accounts without authorization, with some of the activity allegedly taking place in exchange for bribes, according to a report from Wall Street Journal on Thursday.

Some of the fired employees were contracted security guards at Meta's facilities who reportedly used an internal Facebook tool called 'Oops' that helps users who forgot their passwords or emails or were hacked to regain access to their accounts.

Employees are only to use Oops — short for Online Operations — on a case-by-case basis to help friends, family, businesses partners, and public figures recover their Facebook accounts by filling out a form.

However, tasks handled by Oops jumped to more than 50,0000 in 2020 from 28,270 tasks in 2017 to 50, 270 — a 56% uptick in usage,which raised eyebrows among Meta executives, according to an internal document the Journal reviewed.

As part of an internal investigation, Meta executives reportedly found that some employees were abusing Oops by working with third parties to gain unauthorized access to accounts in exchange for tens of thousands of dollars.

One employee was Reva Mandelowitz, a security guard from Meta's security contractor Allied Universal whose employment was terminated in February after the company learned that she had allegedly received thousands of dollars in bitcoin for resetting a handful of user accounts for hackers, reported the Journal.

She told the Journal in an interview that the accusations were false, saying that she requested 20 account resets for loved ones and was coerced by an unknown person to ask for more.

In July 2021, Meta fired Kendel Melbourne, another Allied Universal contractor on accusations of fraud after he allegedly helped third-parties take control of Instagram accounts while he was at the company and even after he left.

Like Mandelowitz, he also denied these allegations, saying that he wasn't informed about how he is supposed to use the Oops system.

A spokesperson for Allied Universal told the Journal that " it takes seriously all reports of violations of our standards of conduct.

Andy Stone, a spokesperson from Meta, told Insider that hackers target online platforms like Meta all the time and that "People should never buy or sell accounts or pay for an account recovery service because doing so violates our Terms."

Stone emphasized that Meta employees who choose to access Oops receive warnings that they should be looking out for phishing scams and to not engage with strangers who reach out to access their accounts.

Still, he said that Meta regularly updates their security measures and "will keep taking appropriate action against those involved in these kinds of schemes."

The firings were reported at a moment when Meta laid off 11,000 employees across the company to cut costs.

No comments: