The 3 Biggest Facebook Security Lapses

By Glenn Reid

With so many resources at its beck and call, Facebook can sometimes seem as secure on its feet as the Rock of Gibraltar. But this isn't the case. Facebook, like any other big website, has experienced major security lapses over the years. Read on to learn about some of Facebook’s most serious known security issues.

"Private" photos for all to see

In early 2008 a Canadian computer technician contacted the Associated Press and revealed that he had found a way to freely peruse Facebook users’ “private” photos and photo albums. The technician, Byron Ng, used his programming acumen to discover the security lapse only about a week after Facebook had implemented security updates meant to make users’ private information more secure. But the updates needed some updates of their own; demonstrating his point, Ng was able to access the private photos of both Paris Hilton and Facebook co-founder Mark Zuckerberg.




Public “private” chats

In 2010 a technology blog discovered that it was possible for Facebook users to monitor their friends’ private chats and pending friend requests. All the interested party needed to do was click on his or her friends’ “preview my profile” button. After being made aware of this glitch, Facebook promptly shut down its “chat” option until engineers were able to resolve both the chat glitch and the potential public visibility of pending friend requests.



Access granted to malicious programs

In 2011 two Indiana University Bloomington doctoral students discovered that malicious programs were able to “impersonate” big brand websites such as YouTube, and thus enjoy the same private access permissions the user intended for the real websites. Once granted permission, the malicious programs would then have access to the user’s private information, and could even post content on his or her behalf. What’s worse: there are some websites, like, that Facebook allows to access accounts even without the users’ consent. Malicious websites could have, during the lifespan of the security lapse, impersonated those very sites.

Nobody’s perfect. Even giants such as Facebook have security flaws that put the integrity of their platform at risk. Everyone will be the target of a cyber attack at one point or another, but with the proper training and knowledge you can protect yourself from a large majority of attacks. A great place to start is our EC-Council End User program, which provides the necessary knowledge to protect your information assets. Or, for something more advanced, there is the Certified Ethical Hacking course, which teaches you and your staff how to think like hackers so you can defend yourself from them.

Learn more about our cyber security courses here.


Glenn Reid, VP | General Manager

Kingston | Brockville
Phone: 613.634.8125 x 310
Toll Free: 877.996.6622 x 310