Facebook denies mass hijack was down to flaw

Summary:The social-networking site has said no user data was in danger when almost 300 user groups were taken over by privacy campaigners

Facebook has denied that a hijack of almost 300 of its groups was due to a security vulnerability, or has endangered any of its users' data.

A spokesperson for the social-networking site said in a statement on Tuesday that no hacking was involved in the hijack.

A group called Control Your Info had been taking control of Facebook user groups in an effort to draw attention to privacy issues.

The group said it had done a Google search to find Facebook groups lacking an administrator. It then joined 289 of those groups, and changed the picture, name and description of the group, to draw attention to potential privacy issues.

"We have seen too many examples where friends and relatives of ours have suffered from their lack of in-depth knowledge concerning their online presence," said the group in a blog post. "People have even lost their jobs over Facebook content. We wanted to do something about this."

A post on one of the hijacked groups read: "We could rename your group and call it something very inappropriate and nasty, like 'I support paedophile's rights'. But have no fear — we won't."

However, Facebook on Tuesday denied that any of its members had been in danger.

"Group administrators have no access to private user information and group members can leave a group at any time," said the Facebook statement. "For small groups, administrators can simply edit a group name or info, moderate discussion, and message group members."

Facebook said that for large groups, the names cannot be changed, and all members cannot be sent a message.

"In the rare instances when we find that a group has been changed inappropriately, we will disable the group, which is the action we plan for these groups," Facebook added.

Some group members did not appear to support Control Your Info's actions. Michael Sixtus posted a message on his group's board describing the privacy campaigners as "ethical hacking net nannies".

Facebook has been the target of hack attacks in the past, including an attack that targeted users with the Zeus banking Trojan.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.