Not a hacker. Not an outside threat actor. It was a BAD CONFIGURATION, per Facebook

Also includes the Facebook Whistleblower Written Testimony

It wasn’t a hack.

It wasn’t a 3rd party intrusion.

It was Facebook punching themselves in da nutz

Like I said some of us knew that this would inevitably be the destination… yet trying to convey the actual facts, connecting the public facing dots and being drowned out by a cacophony of screaming goats —who repeatedly ignored the facts because they had some crazy conspiracy theory.

Goddamn why are facts so hard to cut through the screaming’s exhausting to endlessly screaming the facts.

Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt.

…no malicious activity behind this outage…faulty configuration change on our end…

We want to make clear that there was no malicious activity behind this outage — its root cause was a faulty configuration change on our end. We also have no evidence that user data was compromised as a result of this downtime. (Updated on Oct. 5, 2021 to reflect the latest information)

Oh and before you say that I’m in the tank for Facebook —NOPE —I’m in the tank for facts, especially facts that have supporting documents. Did you really think I was randomly pointing you to Facebook’s April 2021 White Paper, which discussed the Company’s pushing the limits of BGP (and later customizing eBGP to be used on a large scale data center environment) because even I understood the practicality of that April 2021 and that at the onset it was likely a bad configuration… and I’m not even that tech savvy <snort>

File411’s Newsletter
Facebook Instagram and WhatsApp -BGP repeat after me bad BGP configuration -updated
Read more

I see you 1.5B Facebook conspiracy theory and raise you actual FACTS:

The purported 1.5 B as in Billion user PII is not what it appears or what some are falsely trying to say it was part of yesterday’s outrage. Nope.

  • The data set was originally published for sale on September 22, 2021

  • The data set was NOT hacked

  • a data scrape which is considerably different than an actual hack.

Yesterday I explained the significance of BGP and DNS and an astute and informative observation made by CloudFlare’s CTO but today’s Threat Post article really does an excellent job of explaining the; who, why, what, and when of yesterday’s outage. For Example these two paragraphs perfectly encapsulates what actually happened;

During the outage, both Facebook’s BGP records and its domain name system (DNS) records disappeared. DNS is a service that allows the internet to run by translating domains such as into IP addresses and vice versa. On Monday, Facebook’s DNS servers were unavailable, meaning that DNS resolvers couldn’t respond to queries asking for the IP address of, Cloudflare said.

Again that data set was published on Sept 22, 2021 and it was NOT a hack it was a data scrape. Hence why I feel like I’m screaming into the abyss because what the ducking-duck man - It’s not like I make an assertion that’s immediately backed up with a prolific amount of actual facts/data.

One of the most popular theories about the outage concerned a supposed attack that led to 1.5 billion Facebook records being sold on the RaidForums criminal forum. The conspiracy sprang from a Sept. 22 post from a supposed company called X2Emails that advertised “[a] database which hold more than 1.5b Database of Facebook these database scraped this year and 100% emails are included and phone as well

Bad BGP Configuration- Data Centers

Look I’m not an Oracle - I just happen to read and research -a lot but for the last time, I explained by it wasn’t a hack… yet that misinformation and disinformation continues to persist…

During the outage, both Facebook’s BGP records and its domain name system (DNS) records disappeared. DNS is a service that allows the internet to run by translating domains such as into IP addresses and vice versa. On Monday, Facebook’s DNS servers were unavailable, meaning that DNS resolvers couldn’t respond to queries asking for the IP address of, Cloudflare said.

Facebook consistently resolved those conflicts in favor of its own profits -Whistleblower Testimony-

Oh and the Facebook Whistleblower Frances Haugen Written Testimony. You can also watch the Senate Subcommittee Hearing here

…amplifies division, extremism, and polarization — and undermining societies around the world…

I saw that Facebook repeatedly encountered conflicts between its own profits and our safety. Facebook consistently resolved those conflicts in favor of its own profits. The result has been a system that amplifies division, extremism, and polarization — and undermining societies around the world. In some cases, this dangerous online talk has led to actual violence that harms and even kills people. In other cases, their profit optimizing machine is generating self-harm and self-hate — especially for vulnerable groups, like teenage girls. These problems have been confirmed repeatedly by Facebook’s own internal research.

This is not simply a matter of some social media users being angry or unstable. Facebook became a $1 trillion company by paying for its profits with our safety, including the safety of our children. And that is unacceptable.

..As long as Facebook is operating in the dark, it is accountable to no one. And it will continue to make choices that go against the common good. Our common good…

…I came forward because I recognized a frightening truth: almost no one outside of Facebook knows what happens inside Facebook. The company’s leadership keeps vital information from the public, the U.S. government, its shareholders, and governments around the world. The documents I have provided prove that Facebook has repeatedly misled us about what its own research reveals about the safety of children, its role in spreading hateful and polarizing messages…

…we can’t make this kind of independent assessment of Facebook. We have to just trust what Facebook says is true — and they have repeatedly proved that they do not deserve our blind faith...

This is probably the single most comprehensive investigative journalism I’ve read in a very long time. The Wall Street Journal’s Facebook Files is just breathtakingly solid journalism… it’s a collection of articles written which shed light on the tens of thousands of documents Whistleblower Frances Haugen… I’ll probably publish a more detailed article in the coming days -as I’d like to take my time and read her SEC complaints against Facebook

And lastly Haugen’s attorneys are on rock solid foundation -

The Dodd-Frank Act, passed over ten years ago at this point, created an Office of the Whistleblower inside the SEC. And one of the provisions of that law says that no company can prohibit its employees from communicating with the SEC and sharing internal corporate documents with the SEC,Haugen’s lawyer, John Tye,told 60 Minutes.

Whistleblower Program

Background: Section 922 of the Dodd-Frank Wall Street Reform and Consumer Protection Act read in part:

..the Commission shall pay awards to eligible whistleblowers who voluntarily provides the SEC with original information that leads to a successful enforcement action yielding monetary sanctions of over $1 million. The award amount is required to be between 10 percent and 30 percent of the total monetary sanctions collected in the Commission’s action or any related action such as in a criminal case.

A whistleblower may be eligible to receive an award for original information provided to the Commission on or after July 22, 2010, but before the whistleblower rules become effective, so long as the whistleblower complies with all such rules once effective.

The Dodd-Frank Act also expressly prohibits retaliation by employers against whistleblowers and provides them with a private cause of action in the event that they are discharged or discriminated against by their employers in violation of the Act. Moreover there is specific language in the Dodd-Frank Act which prohibits any publicly traded company from blocking a whistleblower ability to provide internal company communiques to the SEC (or providing documents to Congress)

SEC Dodd-Frank Act -Whistleblower

Because Facebook is a publicly traded company, as such they are required (see Securities Act) to be forthcoming and honest with; current and future investors or even withhold material information

  • Implementation: Final rules implementing the Whistleblower Program were approved by the Commission on May 25, 2011.

These final rules became effective on August 12, 2011. Compliance with these rules is required to qualify for an award. Meaning if you file a whistleblower complaint with the SEC ← do not pro se (only idiots & narcissists go pro se) → higher a competent attention who specializes in Whistleblower

  • Whistleblower Program was created by Congress on July 21, 2010 in Section 922 of the Dodd-Frank Act.

  • SEC -Office of the Whistleblower web page for additional information about the program, the Dodd-Frank statute, the final rules, how to submit a tip, complaint, or referral, and how to apply for an award.

  • June 28, 2018, the SEC voted to propose several amendments to the rules governing the whistleblower program. Which was published in the Federal Register on July 20, 2018 and were open for public comment thru September 18, 2018.

  • September 23, 2020, the SEC voted to adopt amendments to the rulesgoverning its whistleblower program that are designed to provide greater clarity to whistleblowers and increase the program’s efficiency and transparency.

So for now I think you have a better understanding of both Facebook et al’s outage, the Dodd-Frank Act, Whistleblower Protections…and actual links to the various documents. As I previously mentioned I might publish a follow up article and plan to drill down further into her SEC Complaint