Facebook lockA bug in an account verification system used by Facebook resulted in a wave of account suspensions Tuesday that had users locked out of the world’s largest social network and scratching their heads over the reason. 

Facebook discovered a bug in a system designed
to detect and 
disable fake accounts, said Simon Axten, a Privacy and Public Policy Associate at Facebook. The bug caused what the company described as “a very small percentage of
Facebook accounts to 
be mistakenly disabled.”

Facebook has since fixed the bug and as of Tuesday, the company was in the process of reactivating and notifying the people who were
affected by it. But that didn’t stop users whose accounts were deactivated from receiving automated requests from Facebook for photo identification or other proof that they were the legitimate account owner. 
 

Axten said those requests were in error.

“When we detect that an account may be fake, we ask
the owner to verify his or her identity. 
In very rare cases where no other form of 
verification is possible, we may ask the account
owner to verify by 
providing a valid ID…The bug caused people to be asked to provide this
verification when they shouldn’t have been
,” he wrote in an e-mail to Threatpost. 

With their Facebook Wall and friend networks inaccessible, many users voiced their displeasure on Twitter following the lock-outs and there were reports, unconfirmed, that it affected female account holders disproportionately. 

It is unclear what the cause of the mishap was. Facebook this week introduced a new messaging system that it hopes will rival more established Web based e-mail systems like Google’s Gmail and Yahoo.

With a user base of hundreds of millions, Facebook has become a sought after platform for spammers and other looking to push malicious wares or advertise their products. The company has developed a sophisticated system for identifying and blocking rogue- or fake user accounts.

Categories: Social Engineering, Vulnerabilities, Web Security

Comments (6)

  1. Anonymous
    1

     As a facebook user have noticed alot of attacks on the site. Today access to games and other apps are not working. Its a free site to social and game activity but the owners of FB should do abit more for security.

  2. Emily
    3

    Facebook has glitches.  It seems it also censors posts that tout personal freedoms.  That is Facebook.  But if you constantly disable all applications and games, and block all the people who put them on your scroll if they persist, and if you are very careful not to click on ‘come-ons’ like “Sign this petition so dogs in Bosnia won’t be treated cruelly,” eventually you will have very little problem.

  3. Anonymous
    4

    My Facebook account was disabled without reason or warning. Asked that I submit a government ID to get it back. No Way!! It is not worth it. An apology would be nice!

  4. Patricia
    5

    My account was disabled and even though I supplied the requested I.D. (for the only account I’ve ever had with FB), I was advised they would not reinstate my account.  I feel legal action, or at least an investigation, should be taken to see why:

    Women’s accounts were targeted (discrimination; makes you wonder what they were programming to cause this alleged “glitch”);

    Despite demanding government issued photo I.D. as a “requirement” of reactivating the account, it appears that not everyone was asked for this “requirement” (discrimination);

    No activation of accounts once demanded “proof” was received, clearly supporting  authenticity of ownership (discrimination due to age, sex, etc.?)

    Now that they have acquired the photo id’s of thousands, including those they deem not worthy of FB, this information is in the hands of the “FB Team” who can use this information for less than stellar purposes, including identify theft.

  5. andrew
    6

    Hi my account has been roadblock for a few months i went through some step to get it back like identifying pictures of friends plus entering new passwords then it was working again but it seems to keep on coming back saying my account has been compromised now i have 6 steps saying change password and also give us your email password. Now why the hell do they need my email password so i know that my account is still in phishing. So for now i my account say its temeraliy suspended and will remain that way till i give in my email password to them.   

    please some if they now how to fix this problem please help me!!!! i also have another email if my hotmail is also phished    tomdooly48@yahoo.com  thank you  

    andrew 

Comments are closed.