Today, nearly a week after a Lulzsec/Lulz Security hack resulted in my Facebook page being hacked by jackasses who sent awful spam to nearly a thousand of my students, friends, and family members before I could get the page blocked, Facebook finally got back to me on my account.
Your account was suspended because one or more photos you uploaded [my emphasis, not theirs] violated Facebook’s Statement of Rights and Responsibilities. This content has been removed from the site. After reviewing your situation, we reactivated your account.
[Some content snipped for being a form e-mail totally irrelevant to my situation]
You may now log in. For technical and security reasons, we cannot provide you with a description or copy of the removed content. Learn more about our policies by reviewing the Facebook Community Standards: www.facebook.com/communitystandards/
We apologize for any inconvenience and appreciate your cooperation going forward.
Thanks for your understanding,
—–Original Message to Facebook—–
From: Holly Lisle (firstname.lastname@example.org)
To: The Facebook Team
Subject: Re: My Personal Profile was Disabled
Since my site is one of those that was hacked by Lulzsec/Lulz Security, I’m sure you’ll be able to figure out the problem promptly.
So, first…a word to Facebook:
Don’t thank me for being understanding, Cedric. I’m not the least bit understanding about this. My page was HACKED. You’re still blaming me.
But now, what really matters
When I got back into my site, I had one thing, and only one thing, I wanted to accomplish. I wanted to apologize to each and every person who’d received spam from from the Lulzsec/Lulz Security hackers through my account.
I wanted to say “I’m very sorry you were spammed in the worst imaginable way by someone purporting to be me, and I’m very sorry I had no way to contact you when all of this was going on to let you know it was NOT me doing this, and that as it was going on, I was fighting as hard as I could to make it stop.”
What I discovered instead was that all my friends, family members, students, and others were gone. I had no way to contact them to apologize for the awful content they’d received from the hackers.
I was completely alone on my defaced, ruined, still-pornographic page.
Here’s what I discovered about Facebook.
If you’re on Facebook, Facebook owns you. They own your information, they own your contacts, they own your family members, they own your mailbox, they own whatever you create on the site. And in an instant they can take it away, and you cannot get it back. You have no other way to contact friends you connect with through the site but the way they offer you—so all the people you love can disappear out of your reach in an instant’s notice, through no fault of your own.
If you friended me on Facebook, I’m very sorry I could not reach you. I’ll apologize here and hope anyone who knows me from both Facebook and my weblog, mailing list, or Twitter, will pass this along so the people I care about, with whom I have once again lost contact, will at least know where to find me if they want to.
I will not go back to Facebook.
When I realized I could not reach the people I needed to reach to apologize, I immediately requested the page be deleted permanently.
In fourteen days, everything connected to my account will be off Facebook permanently.
I will not be part of anything that exercises that sort of control over people’s information and lives, and that does so in such an irresponsible, cavalier, and incompetent fashion.
If you have people on the site you don’t know how to reach in any other way, fix that today. Exchange phone numbers, exchange real email addresses, set up a place where you can contact each other independently of Facebook’s closed network.
Don’t assume that Facebook will be there for you, that the system will work the way it should, that if you live by their terms of service, Facebook will back you up.
Don’t end up where I am. It’s an ugly place to be.
I hope you’ll give Google+ a shot. I haven’t had time to read through all the proceeding comments so forgive me if this has been addressed. I feel as though a part of their game plan is to avoid all these mistakes that Facebook has made. I have a writers circle that needs occupants, feel free to “circle” me on G+ if you get there. I’ve just discovered your blog so would love to see you there. Dave ~ https://plus.google.com/101451734637557853960/posts
It used to be that when private commercial interests got too powerful, people used government regulation to step in and control that power. But, in this Information Age, where the ‘net transcends political boundaries, we’re all at the mercy of companies who know the value of information, and monopolize their control over it.
Your network of contacts is a form of information, of value different than the sum of the parts. Have no doubt that Facebook knew its value, as it sold advertising with added value from that. They equally know that even a web page like this, won’t harm them in any comparison to the harm that you’ve suffered from them.
It raises the social question of how to balance out monopolistic power like that.
(And in the meantime, I’ll thank you for reminding me that “Data not backed up is data you will lose”, and I’ll be backing up my (non-Facebook) not-so-recently backed up data that I’m reminded I _DON’T_ want to lose.)
Sorry for your troubles, it really does bite. I don’t use FB; however, what really %!$$&$ me off are these organised hacker groups, who claim to be fighting for truth, and justice …. Bull! they are your garden variety vandals who know a little code. They don’t really care who they hurt, and I hope it comes back to them with a lot more punch than the 6 month suspended sentence, which they usually get.
Thought you might find this interesting… In today’s Stars and Stripes (our Army newspaper) there was an article about a hacker company named AntiSec that stole over 90K military email addresses and passwords from a Booz Allen (contract company that does a lot of work for the military in combat zones) server.
Here’s the part where it may be most interesting for you… AntiSec was previously named LulzSec, and they claim to be a protest group that conduct their actions due to “overagressive government internet monitoring.”
U.S. Army Soldier
I’m so sorry, Holly. I don’t like Facebook. It’s too public, so I go there rarely. I was not one of your friends so I didn’t see the damage that was done. I have about 125 friends, all people I know personally. That’s the only way I want to deal with Facebook. I thought about setting up a fan page after I publish, but I’ll rethink that notion now. John Locke seems to like Twitter the best. He mentions Facebook, but doesn’t say much about it. I detest hackers. They ruin thing for good people.
I don’t blame you a bit, Holly. And today Facebook confirmed hiring the dude that hacked and took down the Sony Playstation Network for several weeks and exposed users credit card information to being misused. HIRED THE HACKER!!
I’m checking out Bebo and hoping to hear more about Google+ soon. Facebook is a major contributor to my being able to keep up with people, but I’ve had it.
I guess you saw in the news about the group-who-shall-not-be-named (so it won’t pop up in search) supposedly dis-banding. One of the news reports reads like the early draft of a movie treatment.
I am so sorry they hit your FB account. Like others, I am checking all my accounts on a regular basis now, and opting out, more than opting in.
Hi Holly, thanks for this post and sorry for all the trouble you faced. I think you did the absolutely right thing by shutting down your FB account.
I checked with two other people who have had problems with facebook and interestingly enough, the response you got from them the first time is the exact same response they got when they contacted facebook about their problem. Trouble is, they hadn’t uploaded any pictures either. It must be their canned response in the hope that you won’t continue to follow up on it.
ps to Danzier: I think the first phone book was done sometime between 1875 and 1890. In 1967 we still had a party line. It hasn’t been that long ago. We had no choice when the phone company changed us over. It didn’t have anything to do with a public outcry but the phone company giving us the ‘latest and greatest.’
Wow, Holly. This whole thing just stinks. I am so sorry this happened, and I applaud you fighting back in the only way you can. Thanks, as always, for all you do!
OK, I read all your three posts, and all the comments for them, and I didn’t see this question or an answer to it. If you did answer this question and I missed it, please ignore me. Basically, I’m just wondering, would it be possible for you to try and re-friend the family members or friends that you don’t have any other contact information for? Or is too difficult/impossible to find them again? I’m assuming it’s the latter, but I thought I’d mention this suggestion just in case. Obviously you don’t want to keep your FB account because the company is so incompetent, but maybe you could have it just while you reconnect with people, get their info, and then delete. But I understand that sometimes people change their names, or there are tons of people on FB with the same name, and obviously you had tons of students and fellow writers whose names you probably didn’t know but who you still want to apologize to for the porn spam. I guess I was feeling so bad that you’ve lost contact with family members, I wish I could help you somehow to reconnect with them and get their emails or phone numbers.
I’m sure anyone who is interested in keeping with Holly knows she has a website and can get their information to her that way. A blessing in this might be weeding out some old contacts that don’t really care anymore.
We’ve held off from Facebook because of the persistent and ongoing litany of bad choices, poor policies and just plain wrong-headedness of the company behind the supposedly free service that makes its money off of farming its users data out to third-parties. The convenience factor just doesn’t measure-up when compared to all the hassles and crap that goes along with it. Thanks for sharing your recent experiences, as painful and unpleasant as they have been, you have given us all a lot to think about. There has to be a better way to handle this social networking stuff.
Ironic really I can facebook like this page… 😀 But thanks for the tips. I will be systematically working through my contacts to make sure I have other ways to contact them.
I am, however, sorry FB were such jerks to you but your experience serves a lesson to us all. Which seems to be what you do best – teach us!
All the best to you Holly. x
What a nightmare for you. I don’t use Facebook much but it has been a way to keep up with and keep in touch with a few friends. After reading this, I might try Danzier’s suggestion and permanently delete it. If I decide to have an online persona, it won’t be my own and it certainly won’t be very active on Facebook, that’s for sure.
I’m so sorry. I don’t use facebook anymore either. I hated the fact that they kept changing the privacy settings on me so in order to keep my same settings, I had to go in and change them. It’s just backwards. My privacy settings should stay the same. I should have to enable new/less private settings.
And I’ve heard all the horror stories similar to what happened to you: they’ve got ads everywhere based on our preferences [so they’re bottom dollar is great] but if something happens to us, it’s like they’re the phantom company.
I thought the FB movie kind of said it all: the company is completely unethical.
One good thing: your friends and family can definitely find you on Google. 🙂
Oh, yes. I feel bad for the other Holly Lisles out there. My name carries a serious Googlestomp with it.
I hope I’m not the only one who realizes this is complete bullshit. Before the internet, someone could have just as easily said this:
I’m getting rid of my phone. When my phone broke, I realized I had no way of contacting all my family and friends to let them know why I wasn’t calling them. If you have a phone, the phone company owns you. They own your personal information, they control who you can contact, and they PUBLISH your phone number and home address… and go door-to-door to give a copy to EVERYONE! In 14 days, I will be getting rid of my phone permanently. I will not be part of anything that exercises that sort of control over people’s information and lives.
Facebook is the easiest way to contact and stay in contact with everyone in your life. If you’re worried about privacy, don’t give Facebook all of your personal information. I’m pretty sure creating an account only requires a name, age, and email address, and the first 2 can be fake if you want them to be.
Well, that’s ridiculous. The phone company does not record my conversations or distribute my pictures, videos, contacts or phone app details. If my phone breaks, and this has happened to me, the phone company very helpfully uploads all my information to my new phone. So you’re comparison is nonsensical.
But fine, point understood. Facebook is a free social networking site, and therefore has full rights not to give a crap about it’s users. My phone company charges a monthly fee, has been quite reliable when I have issues and I’m very happy with them. If that were not the case, I would indeed drop my phone company like a hot rock the same way Holly is dropping her Facebook account.
Once upon a time, the phone company wasn’t like that. There were “party lines” where it was one phone line, connecting everyone in a town, and anyone could pick up and listen in on anyone else’s business. And people complained about “living at the mercy of the telephone”. And they refused to use it, and they got rid of the phone, or stuck it out in the barn so using it would be …awkward. Phone books didn’t start until many, many years later; phone numbers went through at least two seperate types/phases before phone books were introduced. And if I recall my RTF History class correctly, phone books were originally sold, not handed out freely. And you *still* have the option to have your name, address, and phone number withheld from the phone book–it’s called “having an unlisted number”.
Facebook’s cavalier attitude is still wrong. Holly’s reaction and actions are still right.
Don’t be so sure. If you are speaking of your cell phone, they can, and do, have access to pretty much everything you put on there, especially of the iPhone variety. I don’t have the links handy but there has been a lot of buzz and news about what they keep andcan detail. Phone company. Driver’s license. Home mortgage. Your library card. What you buy at the bookstore. Even Google! To not distribute your personal details, you have to find the links that are usually hidden to be able to “opt out.” “Opt in” is automatic. Even being off the grid is a red flag to those who watch such things.
We live in a new world with new boundaries … SciFi ‘R Us.
On that one I was referring to land line phones. 😉
So then keep your Facebook account. That’s your choice. Why should it bother you so much that Ms. Lisle doesn’t agree with thier business ethics? It’s her choice to not use Facebook and it’s her right to be upset about the way they’ve handled the situation.
The telephone and Facebook are not the same thing. I understand the point you’re trying to make, but it’s just not the same.
I guess I got a little hot with that guy. I apologize. Specially because Danzier said it better. :)TX
You were fine. Thanks for the support.
Post deleted for poster’s failure to actually READ the details of this discussion (all three posts) and post something relevant.
I have no time for people who yammer on stupidly without knowing what they’re talking about—without first reading publicly available and accessible information.— HOLLY LISLE
…Did you read the previous post? And Holly’s comments in the comments? I’m quite sure Holly is the 0.01% person who followed the safety rules and still got hacked. And besides, when a hacker posts malware and the company, duly notified of the hack, still bans the original user, there’s a bigger problem than the user.
Thanks for the support.
No, dammit. The hacker got in because he’s an immoral little–okay, the word I’m thinking would/should be considered foul–steaming, reeking pile of dung.
How dare you–HOW DARE YOU–blow your crap in here.
And the fact that a user has to be a paranoid freak in order not to be hacked on FB just proves how selfish FB is. They are in the business of delivering consumers to advertisers. They obviously don’t care the least bit about the users–in fact, every time I think I’ve got my privacy locked down, FB goes and “improves” itself, which means I have to go and lock it all down again, only this time with different controls, or with the controls in different places.
FB is designed NOT to be safe, private, or any other good thing.
Just keep your “blame the victim” stuff to yourself. If that’s what you have to do in order to keep your mental boat afloat, have fun with it. Just don’t try dropping it on anyone else.
To eliminate any more stupid comments from people who have not read all three posts, I did my due diligence before signing up, and I used my account appropriately and with ENORMOUS caution.
Neither did I use my account in a marketing capacity—I discussed what was going on in my own life. I did not violate Facebook’s terms of service for private accounts, which prohibits selling things through the account.
I used NO games, NO apps, NO links. I did not EVER participate in any Facebook activities or give my data to ANY third parties.
Nowhere in Facebook’s terms of service does it say that, even if you do everything right, they will blame you if your account is hacked, or eliminate your friends, family, and other connections from your account when they block it.
That’s ridiculous. The whole blaming the victim thing makes me rage. It’s pretty sad that I expect this behavior from Facebook now, thanks to the numerous times they’ve pulled stuff like this. :/ I’m really sorry this happened to you.
This is disgraceful. Among us geeky developer types, we consider one of the basic moral ground rules to be “The user’s information belongs to the user.” You will hear that line a lot if you enter development communities. It is astounding that a company as large and influential as Facebook would not follow what most developers believe to be such a foundational moral rule.
I, of course, am annoyed because not only does Facebook and their disregard for their customers, win, but the hacker also wins. Just the same, I don’t see any other way you could handle this — and since Facebook can make no claim that they’d help keep your site safe, what is the use of going back anyway? It’s just likely to happen again.
I have never had a Facebook account and now I’m convinced I have been right to not go there.
I hope the others all get back in touch with you soon.
Horrorendous. Maybe if enough people “like” this post, word will get around.
Well, that sucks. I’m sorry this happened to you.
In order to permanently delete your FB account, you have to log in to it. At the way bottom of the page is a tiny set of links with things like “Privacy” and “Help”. I clicked help and looked up permanent account deletion…so my old one should be going away soon, too.
Hm, the second half of my post disappeared… I must have bumped the thumb pad.
Holly, I’m so sorry that this has happened to you. But I’m very glad that you’re not taking it lying down (metaphorically, although hopefully literally as well). It’s so easy for people to lose their rights just by forgetting that they have them, and that “private” dosn’t mean “secure” or “anyone else’s business”. Thank you for the reminder.
I have a facebook page. It has nothing to do with my author persona, I don’t post anything personal there, I haven’t been there in weeks and weeks and I think I have four friends. I communicate with them in other ways several times a week. I figured out a long time ago when someone mentioned that you couldn’t delete your account there that I didn’t want it any more active than absolutely necessary.
They must have changed their policy so you actually can delete it. I hope so.
It’s deletable. You have to request deletion, and then not use it in ANY way for fourteen days. If you want to delete it, search “delete facebook account” on Google. Simple links and clear instructions are available.
I’m so sorry this happened to you, Holly.
Still, I have to laugh at something. Right at the bottom of your post, it says:
You like thisBe the first of your friends to like this. [on Facebook]
You just can’t get away from the culture. And that’s what makes it so scary.
I know the link is there. It’ll be there long enough for the folks who are inclined to help me out to use it this one last time.
In this instance, I’m really hoping folks WILL like this post to Facebook, because if they don’t, I have very little chance of connecting with the friends and family members I lost touch with when my page was hacked.
I’ll leave the Facebook “like” link there for about a week. Maybe two. And then I’ll pull it from my site, just as I’ll point the Facebook link in the header of my main site to this page.