A recently discovered flaw in Facebook’s abuse reporting tool allowed anyone to access private photographs of other users, including Facebook founder Mark Zuckerberg. Until it was fixed today, the reporting tool allowed anyone who reported a public photograph’s owner to also peruse that user’s images, both public and private. After members of a bodybuilding forum discovered the security hole, they proceeded to target Zuckerberg’s account and publish a number of his private photographs online. This comes a week after the FTC slapped Facebook’s wrist over deceptive privacy practices.
Wired via The