So he took it to the top, using the bug to write a message on the Facebook wall of founder Mark Zuckerberg (pictured). The hack won him publicity, but the company said it violated its terms and refused to pay him the usual $500 reward for informing it of security threats.
How I see it
Matt Park, MD of social, The Red Consultancy
Peel away the sensationalism around the choice of target and we’re left with the frustrated actions of a hacker who tried to help Facebook but wasn’t taken seriously.
Facebook’s reaction to the hack might seem muted from a pure PR point of view: suspending the hacker’s account, confirming that no reward will be paid out as he bypassed the official reporting system, and limiting the comms response to a post on a hacker forum.
Facebook might have generated short-term PR goodwill by paying the reward but this would have declared open season for hackers to expose security flaws publicly, and then demand payment for doing so.
Its response is designed to protect its interests and credibility in the longer term, which all good PR should do.
Was Facebook's decision a hit or a miss? Tell us in the comments, below.