A bug in the software used by Facebook moderators to review inappropriate content resulted in the disclosure of identities of moderators to suspected terrorists.
According to the Guardian, the social network giant Facebook put the safety of its content moderators at risk after inadvertently exposing their personal details to suspected terrorist users on the social network.
A bug in the software used by moderators to review and remove inappropriate content resulted in the disclosure of personal profiles of content moderators while they were reviewing the content from the platform.
The bug in Facebook’s moderation application was discovered in 2016 and caused the personal profiles of content moderators to appear among activity notifications for online groups after moderators had removed the groups’ administrators for terms-of-service violations.
“The security lapse affected more than 1,000 workers across 22 departments at Facebook who used the company’s moderation software to review and remove inappropriate content from the platform, including sexual material, hate speech and terrorist propaganda.” reported The Guardian.
“A bug in the software, discovered late last year, resulted in the personal profiles of content moderators automatically appearing as notifications in the activity log of the Facebook groups, whose administrators were removed from the platform for breaching the terms of service. The personal details of Facebook moderators were then viewable to the remaining admins of the group.”
Facebook “inadvertently” exposed the personal details of over 1,000 Facebook employees, approximately 40 of them were from special counter-terrorism unit in Dublin, Ireland.
For six workers the incident was “assessed to be ‘high priority,’ the risk now for the workers is that terrorists and lone wolves could insert them in a kill list.
“Six of those were assessed to be “high priority” victims of the mistake after Facebook concluded their personal profiles were likely viewed by potential terrorists.” continues The Guardian. “The Guardian spoke to one of the six, who did not wish to be named out of concern for his and his family’s safety. The Iraqi-born Irish citizen, who is in his early twenties, fled Ireland and went into hiding after discovering that seven individuals associated with a suspected terrorist group he banned from Facebook – an Egypt-based group that backed Hamas and, he said, had members who were Islamic State sympathizers – had viewed his personal profile.”
The employee is one of the numerous low-paid contractors, he confirmed that he’d relocated to eastern Europe for five months from fear of retaliation.
“It was getting too dangerous to stay in Dublin,” the employee said. “The only reason we’re in Ireland was to escape terrorism and threats.”
Facebook confirmed the breach:
“As soon as we learned about the issue, we fixed it and began a thorough investigation to learn as much as possible about what happened.” said a company spokesperson.
(Security Affairs – Facebook, Terrorists)