Last week, Facebook hastened to repair a bug that uncovered the accounts of persons who manage pages, after the flaw was abused against numerous high-profile pages.
Users can keep track of the changes with the “View edit history” feature, if a Facebook page’s administrator edits a post. This feature should display the user precisely when changes were made to a post, but the new bug also exposed the account (i.e. profile) of the person who made the change.
The accounts that control Facebook pages are concealed automatically and they should not be shown in the Edit History window. The issue may have had serious repercussions, mainly for page administrators who are trying to keep their recognition secret.
According to reports, the susceptibility was introduced on Thursday evening and it was present only until Friday morning. Facebook said that it learned of the problem from a security investigator, but it’s unclear who that investigator is.
Notwithstanding the fact that the bug occurred for less than a day, it was revealed on websites such as 4chan and people swiftly began exploiting it against high-profile pages. The targeted pages comprised the ones belonging to President Donald Trump, Canadian Prime Minister Justin Trudeau, activist Greta Thunberg, unidentified street artist Banksy, Anonymous hacktivists, and rapper Snoop Dogg.
This is not the first time a weakness has displayed the administrators of Facebook pages. Almost two years ago, an investigator revealed that an email invite to like a Facebook page contained the name of the page’s manager.