by rshnotsecure 2463 days ago
The fact that FB can task developers to this, but not the breached servers (of a 3rd Party but who has access to highly confidential material) I’ve reported via their BB page that are online right this second is somewhat insulting to me.

If this comment gets downvoted, be suspicious. It is going to be well written, but it does contain accusations against Facebook. My real name is in my About Section so I have no fear of libel. I hate to play this card because I am sort of immunizing myself (or trying to) against downvotes, but you can look through my comments and it’s not something I’ve ever done before.

1. The 3rd Party who led to the breach at Doordash is also a Facebook contractor. A significant amount of Facebook data has been stolen because of this.

2. Dashlane, Deliveroo (UK), Netflix, Uber, AirBnB, Quora, EventBrite, BetterDoctor, and about 10 other firms that I know of are also clients of this contractor as their data was also leaking or obtainable through extremely simple exploits.

3. Yes I did file a Bug Bounty with evidence. FB has acted...sort of...but the evidence is still online, at this moment.

4. I have already begun conversations with ISC2 asking for a significant amount of CISSP cert holders at FB to have their certifications revoked for breach of ethics violations via the “good of society” clause and negligent blindness. I absolutely made sure to have a carve out saying they probably were just ignored by management, and in such case for the names I cited to ignore my claim (and I would write a written public apology if asked).

5. I get that everyone here is tired of FB negativity here. Me too. Just a little longer if you don’t mind.

3 comments

If this comment gets downvoted, it's probably because it's kind of off-topic and a little hard to follow. Maybe write a blog post with some of the emails, I guess, instead of a long comment, and then submit that?

I get your comment for sure, but it is not true when you say those on Hacker News would downvote a comment for being off-topic when it is for a somewhat concerning moral issue. Many of the members here are better than that or at least more able to see the larger issues at stake I think.

Again though, I still see your point, and those claims, if the situation was a little more mundane, are absolutely true.

Is the identity of the breached third party public knowledge? Is there a way for other startups to determine if they may be at risk as well? If it has that many high-profile clients it is likely a popular service.

There is an email in the summary of the commenter profile.

Woah. Things like this are why I don't have an FB account anymore. Also why I shorted their stock. Fingers crossed for December.