On August 13th, a number of Facebook developer accounts and apps were temporarily unavailable. We wanted to share some details around what happened and what we are doing to prevent this from occurring again.
The Facebook Platform and our users are constantly under attack from malicious apps and we have many automated systems to protect the platform and our users. Occasionally we detect an attack that requires us to augment those automated systems. Specifically, we identify a malicious pattern, find all the apps that match that pattern, and then disable those apps. This normally results in thousands of malicious apps being disabled and improves our automated systems' ability to detect similar attacks in the future.
On August 13th, we undertook such a procedure. We started with a broad pattern that correctly matched many thousands of malicious apps but, unfortunately, also matched many of your high quality apps. When we detected this error, we immediately stopped the process and began work to restore access. The process took longer than expected because of the number of apps affected and bugs related to the restoration of app metadata.
To help prevent this from happening again, we plan on making the following improvements to our processes and technology:
We will create better tools to detect overly broad patterns and put in place better processes to verify that all apps matched are indeed malicious.
We will address the bugs and bottlenecks that made the recovery process slower than expected.
We understand that incidents like these are disruptive to your businesses, and we sincerely apologize for the inconvenience. Our team is invested in learning from these incidents and making sure Facebook Platform stability continues to improve.