Last week, Spyglass Security founder Jackie Stokes tweeted that a Facebook security engineer was using his access to personal data to stalk women online. Facebook confirmed to Motherboard on Monday that the social network was investigating the claims. Now, NBC News reports Facebook has fired the employee in question.
"We are investigating this as a matter of urgency," Alex Stamos, the Chief Security Officer of Facebook told Engadget. "It's important that people's information is kept secure and private when they use Facebook. It's why we have strict policy controls and technical restrictions so employees only access the data they need to do their jobs –- for example to fix bugs, manage customer support issues or respond to valid legal requests. Employees who abuse these controls will be fired."
I've been made aware that a security engineer currently employed at Facebook is likely using privileged access to stalk women online.— Jackie Stokes 🙋🏽 (@find_evil) April 30, 2018
I have Tinder logs. What should I do with this information?
The charge that an employee was using access to privileged information to stalk women is certainly a serious one. At F8 this week, Facebook introduced a new dating service, but with a cloud hanging over the social network in light of recent revelations about the misuse of personal data, there's understandably some concern. Facebook founder and CEO Mark Zuckerberg was quick to reassure people that proper privacy measures were a fundamental part of the new tool.
I really, really hope I'm wrong about this. pic.twitter.com/NDkOptx8Hv— Jackie Stokes 🙋🏽 (@find_evil) April 30, 2018
This revelation, that a security engineer with access to personal information was misusing the data to stalk women (he even called himself a "professional stalker"), is troubling, given that recent announcement. It's certainly important to note that the likelihood of being targeted by a single person like this is very, very low. But the timing of this isn't great, and it raises further questions about how Facebook protects user data externally -- and internally.
Update 5/2/18 12:10PM ET: We have added Facebook's statement to this article.