People are going to call this a “hack” or an “exploit”. It was not. It was unethical harvesting, but it was using a system that Facebook set up as a key part of their core business model. From Daring Fireball, where I saw it linked first:
This was not a security breach. This is simply what Facebook is: a massive surveillance machine.
Between this and their profiting off of Russian trolls and misinformation that they pointedly did not ask questions about, it’s clear that Facebook is a big part of the reason why a probable felon who sexually assaults women and doesn’t have the attention span to read a two-page brief is President of the United States of America.
The 21st century definition of irony: Political outrage posted to Facebook or Twitter.
Update: Facebook fixed the problem by banning the whistleblower. Letting these people install software on your phone sounds like a good idea.
More updates: Even better! Their chief information security officer left over a dispute about this kind of thing. Includes a shocking revelation that security concerns on this issue were overridden by money concerns. And Zuck knew about the Russian accounts when he dismissed the idea publicly:
By November 2016, the team had uncovered evidence that Russian operatives had aggressively pushed DNC leaks and propaganda on Facebook. That same month, Mr. Zuckerberg publicly dismissed the notion that fake news influenced the 2016 election, calling it a “pretty crazy idea.”