Image Credit: Robyn Beck / Getty Images
A man discovered that his Facebook business account had been hacked after the social network reportedly gave the cyber criminal access to his account, with the site doing so after receiving nothing more than a scanned photograph of a fake ID.
Facebook user Aaron’s business page was hacked by a user who requested the social network change the two step verification process on his account, in order to make it easier for him to gain access by way of changing his login information. Facebook informed the hacker that sending the site a photo or scan of his ID would allow them to do so, with Aaron explaining that the hacker then proceeded to send in fake ID that shared his name, but none of his other personal information such as his date of birth.
Posting screenshots of the entire conversation between the hacker and Facebook to Imgur (via Reddit), it was revealed that Facebook responded to this image of the fake ID by granting the hacker access to Aaron’s account, even turning off login approvals to prevent him from getting locked out of the account again in the future.
Check out the entire conversation, including Facebook’s unsympathetic automated response to their error when the real Aaron informs them of their mistake, below:
Aaron confirmed that he eventually regained control of his account, writing: “Facebook returned each and every business page, and gave the Facebook account back. They really saved the day. I am going to see if there are anyways they can help me reveal the hackers, or pursue them through legal means, since they impersonated me and stole from my business. The power of social media is real, and even though this happened Facebook is still my favorite company on earth, I built my businesses and met my future wife all on Facebook.”
However, regardless of Aaron’s relief at having his business pages restored, that Facebook will seemingly so easily hand over access of an account to a hacker utilizing little more than a scanned photo of a fake ID presents a major security problem for the site moving forward, with the automated message the hacker received seeming to suggest that this is company policy, and not an isolated mistake on behalf of a customer service representative. Hopefully this sparks a change in Facebook’s security policy from here on out.
