Facebook Employees ‘Accessed User Passwords’

Katherine Losse, ex-speech writer for Mark Zuckerberg, is now warning the masses of open password access. She is claiming that the social network giant has a master password, allowing entry to any account on the popular platform, according to the Voice of Russia.

She explained to the media that staff needed to have access to accounts in order to manage and repair user issues, claiming that it was common practice at the time for early-stage startups to give their staff access to customers’ personal information. This may raise concerns as an unknown amount of Facebook users login with that very password on other networks too.

Still, Losse did confess that more sophisticated ways of logging in to fix accounts has been put in place and Facebook now has “very, very strict processes” enabled to keep passwords and user information safe and sound.

“Facebook is very highly regulated and places great importance on the integrity of the information people choose to add to it,” a source close to Facebook said.

Two kinds of staff members are allowed to enter a user’s account, the ones from the operations team and the security team. Even though these employees get access to a person’s private account, this is monitored and logged every day.

The Irish Data Protection Commission discovered through an audit that Facebook actually has “an appropriate framework to ensure that all access to user data is on a need to know basis”.

Still, privacy campaign Big Brother Watch claims that this incident is another reminder for internet users to always ask themselves who can dip into their virtual communications.

“Whether it’s an administrator doing it themselves, or as we’ve seen with other services people resetting the administrator’s password and accessing it themselves, with any service like this there is always a risk of your privacy being compromised. The key difference with Facebook is that it is so much faster to identify the account of the person you’re trying to snoop on,” Nick Pickles, director of privacy campaign Big Brother Watch, said.

 “Ultimately whether it’s health records or Facebook accounts, someone other than you is always going to need to have the ability to access your data, whether for security or service delivery reasons. The question people should be asking is just how much personal information you’re willing to be available in the first place,” Pickles said.

Back in 2009, a hacker from France got a hold of a Twitter staff account, giving him clearance to look at user accounts on the site. After he guessed the answer for the secret question to obtain their Yahoo password, the hacker said he got the chance to grab information about the staffer’s Twitter login data.

H.M