Facebook Fires 'Stalker' Engineer
Facebook has fired an engineer accused of misusing private data to 'stalk' women online. He is thought to be a security engineer who abused his 'privileged access' level to data.
One of the engineer's alleged victims was the founder of a cyber security company. She's made public the conversation she had with the Facebook engineer, in which the man talks about being a security analyst. He wrote: "... I also try to figure out who hackers are in real life... [so, I'm a] professional stalker."
It appears the pair were conversing after being connected through the dating app Tinder. To make sure users of the app are who they say they are, Tinder users must sign up using their Facebook account.
Victim Gets Tip-Off
The woman who raised the issue says she was told by an anonymous source that the man was "likely using privileged access to stalk women online." She says she independently confirmed this was the case as the man used the same photo for his Tinder account and LinkedIn, a business networking site.
The reference to 'privileged access' has a specific meaning in an information technology context. It's roughly equivalent to having an elevated security clearance and thus being able to access data that ordinary employees can't see.
Facebook Launching Own Dating Site
Alex Stamos, the head of security at Facebook, said:
"It's important that people's information is kept secure and private when they use Facebook. It's why we have strict policy controls and technical restrictions so employees only access the data they need to do their jobs - for example to fix bugs, manage customer support issues or respond to valid legal requests. Employees who abuse these controls will be fired." (Source: pcmag.com)
The incident has particularly ironic timing. Earlier this week Facebook announced it will be launching its own online dating service aimed at producing longer-lasting relationships. The idea is to use Facebook's data to match people based not only on their responses to a questionnaire but also on common interests expressed on Facebook and whether people have friends in common. (Source: businessinsider.com)
What's Your Opinion?
Does Facebook deserve praise or criticism for the incident and the way it's handled it? Should companies more tightly vet employees who have high levels of access to customer data? Or is the threat of instant dismissal the only way to minimize the risks?
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Rogue trader
Well..... just one more hazard of using the dreaded, so-called "social media". It's got a lot to answer for. How does a company guard against someone employed by them, who abuses their trusted position? The answer is - they can do nothing! There's an old saying...."Who watches the watchers?" If someone turns "rogue", who's to know, until the dirty deed is exposed? The damage is done, reputations sullied and (hopefully) heads will roll. I will NOT use ANY form of social media and I remain as anonymous as possible in comments or forum pages such as this. As far as I'm concerned, real names and other genuine data stay firmly with me.
I have worked on this exact
I have worked on this exact problem, and best answers I know:
1. have clever access control system that allows minimum access do do one's job.
2. Build access entry including what accessed, date. who accessed & reason.
Reason examples being cust inquiry num, system bug number or whatever.
3. Log all access entries and peruse log for strange actions.
4. Record access entries against data being accessed, so data owner can see who looked/updated their data.
With the approach above, any "complaint" can be quickly analyzed