Meta fires employees for allegedly hacking into users' accounts

Meta has allegedly fired and/or discipled more than 12 employees for hacking into users’ Facebook and Instagram accounts on the behalf of hackers.

According to the Wall Street Journal (WSJ), which broke the story on November 17, some of the hacking cases involved bribery, with employees being paid thousands of dollars to hack into the accounts.  

According to an internal investigation into the account hijacking, those fired by Meta included contractors employed at the company’s facilities as security guards. They were able to hack into unsuspecting victim’s accounts after being allowed access to Online Operations, known as ‘OOps’, a tool used to help users log back into their accounts after being locked out or forgetting their login details. 

Access to OOps is usually heavily regulated, with the vast majority of users being unable to access it and having to use Meta’s other avenues for account recovery. However, this has led to a rise in a so-called "cottage industry of intermediaries" who charge users thousands of dollars to reset their accounts.

To be able to take advantage of OOps, outsiders must "really have to have someone on the inside who will actually do it", according to Nick McCandless, owner of content creation platform McCandless Group.  

An internal document accessed by the WSJ showed that this alternative to the usual account recovery procedure which the majority of users have to go through in the event they cannot access their account, processed 50,720 tasks in 2020, a 77 percent increase in use from 2017.

In the document viewed by the WSJ, a former employee fired in February of this year was allegedly accused of working with hackers and being paid thousands of dollars in Bitcoin to reset multiple Facebook accounts for them. The employee accused has denied any wrongdoing.

Another individual claimed that they were tricked into filling out OOps forms and allowing third parties access to a number of Instagram accounts. The third parties then fraudulently took over the accounts.

Andy Stone, a spokesperson for Meta, said to the Wall Street Journal that “individuals selling fraudulent services are always targeting online platforms, including ours”, and that they are “adapting their tactics in response to the detection methods that are commonly used across the industry”. He added that Meta will “keep taking appropriate action against those involved in these kinds of schemes”.

Stone also noted that buying or selling accounts, or access to account recovery services, is a violation of Meta’s terms of service. 
Meta is currently investigating former employees who allegedly stayed in contact with their former coworkers to retain access to OOps and hack into accounts.