Concealed Facebook Security Breach with Implications for Minors Uncovered By Planet Zuda Security
Undisclosed Facebook Data Breach Exposed By Planet Zuda Cybersecurity
By: Planet Zuda, LLC
Cybersecurity firm Planet Zuda has uncovered a concealed security breach within Facebook's systems, leading to a pivotal policy change allowing individuals with banned accounts to access some personal data. This development stemmed from Planet Zuda's discovery that hackers had gained control of Facebook's moderation system to ban accounts. Initially focused on a single client's account, the effort expanded to reinstate all accounts affected by the undisclosed hack discovered in August 2023.
Planet Zuda's investigation revealed that account bans were executed through a breach in Facebook's moderation systems by hackers, not by Facebook's internal team. These unauthorized entities stealthily imposed bans, operating in coordinated pairs.
Facebook confirmed the breach following Planet Zuda's bug bounty program filing. Planet Zuda then escalated efforts, engaging with legal authorities, government agencies, and media. A Reddit thread was instrumental in tracking compromised accounts.
On October 25th, a mass restoration of banned accounts began, secured pending ownership verification. This marked a significant step in addressing the breach's consequences.
Concerns for Families and Minors
The breach raises alarming concerns for families. Hackers with moderator-like powers could have compromised minors' accounts, potentially exposing or selling their private communications. This risk is underscored by Meta employees' testimonies about challenges in protecting teen users. Parents should note the vulnerability of children under 13 using Facebook during the breach.
Despite these advancements, Planet Zuda notes the absence of a mandatory breach filing with California's Attorney General Data Security Breach system and urges Facebook to inform the affected users.
As this cybersecurity advocacy chapter concludes, the incident highlights digital vulnerabilities and the need for robust online protections, especially for younger users. While Planet Zuda has brought these issues to light, Facebook bears the responsibility for resolution and ongoing security measures.
For a detailed account and further insights, visit Planet Zuda's comprehensive blog post.
Ryan Satterfield, Founder, Planet Zuda
Phone or text: (917) 727-5257
Page Updated Last on: Dec 04, 2023