Even a tech giant like Facebook isn’t immune to significant security breaches. Devcore’s Orange Tsai recently discovered that someone had installed a backdoor on one of Facebook’s corporate servers (that is, not the social network itself) in a bid to swipe workers’ login details. While it’s not clear how successful the script-based exploit was, Tsai noted that the file transfer app hosted on the server had several vulnerabilities that effectively gave any intruder free rein. The attacker could have checked employee email, for instance, or even connected to Facebook’s virtual private network to get access to the company’s inner workings.
Thankfully, this is all past tense. You’re only hearing about this now because Tsai reported the bugs to Facebook (to get a bounty, naturally), and waited until the firm completed its investigation before disclosing the flaws. That backdoor isn’t there anymore, folks. All the same, the incident is bound to humble Facebook a bit — it’s proof that the company is a prime target for hackers, and that it can’t assume it’s always on top of every possible security flaw.