This article was published on February 5, 2010

The Facebook Redemption

The Facebook Redemption

RedemptionLast week I posted about getting disabled by Facebook, and how horrible an experience it was.

Well, exactly six days after being disabled I have my account back. I wanted to write about it sooner but I felt like I would be doing a disservice if I didn’t at least reflect on what happened, and the things I will do to prevent this from happening again.

Yesterday I received an email from Cassidy at Facebook User Operations that said:

Hi Nathan,

We have changed your password and, if necessary, restored your contact email address. Please click the link below to generate a new password for your account:


If you did not already receive a security alert from Facebook, please review the following information.

Our systems indicate that your Facebook account has been compromised by cybercriminals attempting to impersonate you. These criminals often will try to trick your friends into sending them money by claiming that you are stuck in a far away location and in need of assistance. It is possible that your email account was compromised as well, as obtaining access to a victim’s email is one of the primary ways these cybercriminals have been operating. Please take the following steps to ensure the security of your Facebook account going forward:

1. Select a new, unique password for any email address associated with your account, making sure to avoid using the same password for any account.

2. Verify that you control all of the email addresses associated with your account on the Contact Email section at:

3. If you have not done so already, please add a security question to your account from the Account Settings page.

4. Visit the following page for more information about Facebook security and how to report suspicious material:

Finally, if you think you have been victimized by fraud, you can report this to Western Union’s fraud hotline by calling 1-800-448-1492.

Thanks for contacting Facebook,

User Operations

So either my account was hijacked or Facebook saw Adium as a cybercriminal. It seems more likely that Facebook perceived Adium’s attempts at repeatedly logging in as a type of attack and disabled my account due to this “suspicious activity.”

When you dig into the Terms of Service, Facebook does say that they have the right to disable your account if it is flagged for suspicious activity. I still maintain that they should do more in the way of giving you a heads up, though as a former IT guy I know that if one of my workstations was suspected of having a bug the first thing I would do is disconnect it from the network as well.

At the same time, Facebook should realize that we are not workstations — you can’t ask a workstation what’s wrong or inform a workstation that there is something suspicious going on with it. Users, on the other hand, are quite capable of noticing that their may be a problem and will fix it.

All told, I am just happy to have my account back, thank you for all the well wishes!  Now I am looking for ways to backup my data just in case this was to ever happen again.

[Image source; altered]