Revenge porn hub taken down by Dutch police raid

A notorious hub for the sharing of revenge porn called Anon-IB has been shut down by Dutch police.

Three Dutch nationals have been arrested for stealing intimate images that they then shared on the site.

Servers containing stolen data were seized by police as it investigated who had stolen the images.

The police said any women who can be identified from its analysis of captured data will be told that their information has been stolen.

Easy to hack

Anon-IB was widely implicated in the 2014 Celebgate hack that saw nudes of more than 100 celebrities leaked online. Images of nude US female marines and underage girls were also known to be stored and traded on the forum.

Prior to being shut down, Anon-IB was one of the web’s top 10,000 most popular sites.

In a statement, Dutch police said the investigation that led to the site being closed began in March 2017. It started with a complaint by a Dutch woman who found that images from her cloud storage account had been stolen and shared online.

The suspected culprit for this hack was a 31-year-old man in Culemborg, said Dutch police. He was arrested for hacking into the online account and stealing nude photos.

The subsequent forensic analysis of the suspect’s computer and phone revealed “huge amounts” of images of the victim and other women.

Examining the cache of data led police to two other men who, between them, had intimate images stolen from “hundreds” of women.

These two men, from Groningen and Heerlen, have also been arrested. Police have confiscated stolen data from two others, also in the Netherlands, who are also believed to have traded stolen images and hacked others.

“The suspects were able to gain access to emailboxes, social media accounts and digital storage places such as clouds,” said the statement. “These were not properly secured and therefore relatively easy to hack.”

Images were often taken without victims knowing.

The investigation led police to servers hosting the stolen images that were located in the Netherlands.

Canada data firm AIQ may face legal action in UK

The UK’s Information Commissioner is considering legal action against Canadian data firm AggregateIQ (AIQ).

It follows testimony from co-founder Jeff Silvester to Canadian MPs in which he claimed to be co-operating with the watchdog’s inquiry into Cambridge Analytica.

In a statement, commissioner Elizabeth Denham said this was not the case.

AIQ is implicated in a data privacy row involving Facebook and the political consultancy.

Ms Denham said: “The Canadian company Aggregate IQ has so far not answered the substance of our questions in the ICO’s investigation.

“In recent correspondence we were advised that the company would not answer any more questions from my office, stated it was not subject to our jurisdiction, and considered the matter closed. We are considering the legal steps available to obtain the information.”

In response, Mr Silvester said his firm had received two letters from the ICO, one in May 2017 and one in January 2018.

“We responded to both as fully as we were able to and in a prompt manner,” he told the BBC.

“We would prefer that the UK Information Commissioner simply contact us if she has new questions to ask. In fact we are waiting on the commissioner to respond to two letters we sent her office recently.”

Evidence to MPs

AIQ faces a range of other questions.

Ex-Cambridge Analytica employee Christopher Wylie alleges AIQ was given 40% of Vote Leave’s budget to create “digital and social targeting” for the Brexit referendum campaign.

He also alleges the Canadian firm had extremely close ties with Cambridge Analytica.

In a written statement to MPs who are investigating both firms, he claims AIQ was set up to solely to build online advertising technologies for Cambridge Analytica and its parent firm SCL.

Prior to this, he claims, AIQ had no clients.

In separate testimony to MPs, Facebook’s chief technology officer Mike Schroepfer said it had also found links between the firms.

Mr Silvester confirmed to the BBC that his firm did undertake work for SCL between 2013 and 2016 but disputed Mr Wylie’s claims that it was set up solely for that purpose.

Cambridge Analytica has denied it had “direct links” to AIQ, saying it was introduced to the firm by Mr Wylie.

“Zack Massingham, our chief executive officer, created AggregateIQ in 2011 for his personal political work. Zack and I then incorporated in 2013 to work together,” Mr Silvester told the BBC.

The firm also faces questions about political advertising it undertook for Vote Leave during the Brexit referendum.

During his testimony, Mr Schroepfer told MPs that AIQ had spent $2m (£1.6m) on Facebook advertising for the campaign.

He said he did not know where AIQ had acquired the data for this advertising but thought the information for its targeted ads came “from email lists” rather than from the app created by Dr Aleksandr Kogan, which is at the heart of the data scandal.

Mr Silvester told the BBC that his firm “did not use any improperly-obtained Facebook data”.

“The only personal information we use in our work is that which is provided to us by our clients for specific purposes. In doing so, we do our very best to comply with all applicable privacy laws in each jurisdiction where we work.”

The firm has, however, been suspended by Facebook.

Tracking down the data firm

The BBC recently visited Victoria where AIQ is based to try and find out a little more about the firm and its links to Brexit.

According to Google Maps, its address is listed as 501 Pandora Street, which is part of a trendy square, just off the waterfront in British Columbia’s capital city Victoria.

AIQ’s old office is up for lease and, according to the property management company “two guys had left hurriedly in January”.

Then the BBC received a tip-off that the firm had just recently relocated to an office two blocks away.

The third floor office, also home to a law firm and a software and engineering company, was almost entirely empty.

There were only two people working there and a dark-haired man who appeared to be in his early 30s came to the door but refused to speak to the BBC.

According to Mr Silvester the move in January “was scheduled for some time”.

He added that the firm currently has seven full-time employees, who are all software developers and online advertising specialists.

Sex toy with in-built camera can be ‘easily hacked’

A wi-fi-enabled sex toy that features an in-built camera can be hacked, security researchers say.

Pen Test Partners, which tested the Siime Eye vibrator, said it was “trivial” to connect to its web interface.

This meant attackers could access intimate videos recorded by the device, as well as control other functions.

Svakom, the US firm that makes the toy, said updated versions of its software were “completely secure”.

According to firm’s website, the Siime Eye has a built-in micro camera and a hidden searchlight, which can be connected to a PC, tablet or mobile phone via wi-fi.

The firm says this allows users to “record and share” their experiences with a partner via “pictures or videos”.

Instant access

But in a blog, Pen Test Partners showed how the device could be hacked.

It said someone within range of the device could access its video stream, either by working out the user’s password, or entering the manufacturer’s default password, 88888888, if it had not been changed.

Those with more advanced knowledge could gain “complete control” over operation of the device, Pen said.

“It’s trivial to connect to the access point (AP),” it said, “[and] if you can get onto the wireless AP, you’ll have instant access to everything on this web application.

“Oh, and being a wi-fi AP means you can find users too… This part surprised us the most.”

Laptop risks

Pen Test said it had contacted Svakom several times about the issue since December but had not heard back.

A spokesperson for Svakom told the BBC there had only been vulnerabilities when using the toy with a laptop.

“We recommended our users to use the Siime Eye only on their smartphone,” they said.

“Moreover, in the instructions on the app and user manual it is clearly stated to change the password of the wi-fi to ensure privacy.”

They added: “We respect our customer’s privacy and our updated versions (more than one year old) of the Siime Eye App on both Google Play Store and Apple Store are completely secure.”

It comes weeks after Canadian firm Standard Innovation agreed to pay $3.75m (£3m) to settle privacy claims regarding some of its We-Vibe sex toys.

Some We-Vibe models collected intimate user data and sent it back to the manufacturer without the user’s consent.

Tech experts said the vibrator could also be hacked although Standard Innovation, which did not admit wrongdoing, said none of the devices’ data was accessed by outside parties.

Reality Check: Was Facebook data’s value ‘literally nothing’?

There is a huge spectrum of opinion on the value of the Facebook data that Cambridge University academic Aleksandr Kogan gave to Cambridge Analytica’s parent company, SCL.

Dr Kogan told a parliamentary committee: “Given what we know now, nothing, literally nothing – the idea that this data is accurate I would say is scientifically ridiculous.”

On the other hand, there have been suggestions this sort of data will allow computers to gain a profound understanding of people and their preferences.

In a news conference on Tuesday, Cambridge Analytica’s spokesman said the company had also found Dr Kogan’s data set to be “virtually useless”.

The orthodox view among data scientists is that the use of social media data to target adverts on Facebook is in its infancy and not yet hugely effective – but Dr Kogan is going further than that, saying that it was completely without value.

Reality Check has seen Dr Kogan’s unpublished research into the value of predicted personalities for micro-targeting. We judge that he is underselling its value although he is correct to say that the data was not accurate.

Personality test

Let’s go back to where the data came from and what it included.

Dr Kogan had a personality testing app on Facebook, on which users would answer questions about themselves and be given scores on how they rated on the Big Five personality traits: openness, conscientiousness, extraversion, agreeableness and neuroticism, which are used by research psychologists and advertisers.

Dr Kogan says about 270,000 users took this test. Taking the test also gave the app data on all the users’ friends, which created a database of 30 million people and their predicted personality scores, according to Dr Kogan. Facebook puts the figure at up to 87 million.

These personality predictions are based on the idea that, for example, if it turned out that people who liked particular brands of sports cars and nightclubs had also turned out to be extraverts, then you might predict that other people who liked those things would also be extraverts.

You can see a similar sort of system on the website of the Psychometrics Centre at the University of Cambridge, which attempts to predict your personality test result based on your social media activity.

Inaccurate predictions

Dr Kogan’s research was funded by SCL, the research and communications company that formed Cambridge Analytica. Dr Kogan passed the data, including some of the pages that users had liked, to SCL.

Dr Kogan now says that the data he gave to SCL was useless for targeting adverts on Facebook because individual predictions were too inaccurate.

But some data scientists argue that the overall quality of the personality predictions is not the most important measure.

Part of the point of targeted advertising is to reduce costs by trying to appeal to only a relatively small number of users.

So you might be more interested in people turning up at the extremes of particular personality measures rather than those coming up as being close to average, because they are the ones most likely to exhibit the traits you are targeting.

As such, the overall reliability of the data may be less important than finding groups who may be targeted.

Also, Dr Kogan argues that trying to assess the personality of an individual gives too large a margin of error so the predictions are reliable only if you’re taking averages across larger groups. But looking at larger groups may be helpful during an election, when you might be trying to decide where to buy advertising on local radio or where to hold an election rally, for example.

So Dr Kogan is underselling the value of his dataset. While not all of it would have been useful, parts of it could have been helpful.

Read more from Reality Check

Send us your questions

Follow us on Twitter

Deadline to amend UK surveillance laws

High Court judges have given the UK government six months to revise parts of its Investigatory Powers Act.

Rules governing the British surveillance system must be changed quickly because they are “incompatible” with European laws, said judges.

The government has been given a deadline of 1 November this year to make the changes.

The court decision came out of legal action by human rights group Liberty.

Holding data

It started its legal challenge to the Act saying clauses that allow personal data to be gathered and scrutinised violated citizens’ basic rights to privacy.

The court did not agree that the Investigatory Powers Act called for a “general and indiscriminate retention” of data on individuals, as Liberty claimed.

However, the judges did call on the government to speed up the process of updating laws to ensure they were compatible with European Union legislation.

In late 2017, government ministers accepted that its Act did not align with European law which only allows data to be gathered and accessed for the purposes of tackling “serious crime”. In addition, decisions to hold data must be subject to review.

By contrast, the UK law would see the data gathered and held for more mundane purposes and without significant oversight. The powers requiring data to be retained came into force in December 2016.

One proposed change to tackle the problems was to create an Office for Communications Data Authorisations that would oversee requests to data from police and other organisations.

The government said it planned to revise the law by April 2019 but Friday’s ruling means it now has only six months to complete the task.

In a statement, security minister Ben Wallace said: “Liberty has for years created misplaced fear about this legislation, and we are pleased that the court recognises the importance of communications data in fighting crime and keeping families and communities safe.”

He welcomed the “pragmatic” ruling that balanced security concerns with the right to privacy.

Martha Spurrier, director of Liberty, said the powers to grab data in the Act put sensitive information at “huge risk”.

Javier Ruiz, policy director at the Open Rights Group which campaigns on digital issues, said: “We are disappointed the court decided to narrowly focus on access to records but did not challenge the general and indiscriminate retention of communications data.”

Cash to support the legal challenge was raised via a crowdfunding website. Liberty has started another fundraising campaign to help bankroll the next stage of its legal challenge. This will seek to challenge “bulk interception” of browsing and calling habits.

Sinclair Spectrum designer Rick Dickinson dies in US

Rick Dickinson, the designer of Sinclair computers, has died in the US while receiving treatment for cancer.

The British designer, thought to be in his 60s, worked in-house for Sinclair Research and oversaw the creation of its home computers in the 1980s.

He was responsible for the boxy look of the ZX80 and ZX81 and the Bauhaus-inspired appearance of the Spectrum.

Mr Dickinson also helped to develop the technologies for the UK company’s touch-sensitive and rubber keyboards.

He was recently linked to a crowd-funded project by Retro Computers to turn the Spectrum into a handheld computer. Some of the early reference designs for the machine were drawn up by him.

Codemakers

In an interview with the BBC in 2012, Mr Dickinson said the development of the keyboards had been driven by a desire to cut costs. The touch-sensitive mats used in the Sinclair machines were much cheaper and simpler than traditional keyboards made of hundreds of components.

In the interview, he said he had had doubts that the first machines would be successful but the company had been “overwhelmed” by interest and demand once they had launched.

He said the machines had “spawned a generation” of coders that had helped to establish the UK’s reputation as a creative, game-making powerhouse.

He added: “Sinclair products were born out of staggering innovation and clever shortcuts to get things into ever smaller packages at lower costs.”

The drawing board on which Mr Dickinson designed the Spectrum is now in the Science Museum.

A graduate in industrial design from Newcastle Polytechnic, he joined Sinclair in 1979.

After leaving the company, Mr Dickinson set up an industrial design consultancy Dickinson Associates. Through the Cambridgeshire-based firm, he was involved with the design of the first Amstrad portable computers, early mobile phones and game consoles.

The first news of Mr Dickinson’s death came via an email sent by his wife, Elizabeth, to family and friends, asking that it be sent on to all those might want to know of his passing.

A spokesman at Dickinson Associates confirmed he had died earlier this week.

The email said Mr Dickinson had been diagnosed with cancer in 2015, for which he had received successful treatment. However, it said, the cancer had returned last year.

Mr Dickinson had then travelled to the US for specialist care but had died suddenly between bouts of treatment.

Tech Tent: the technology of pleasure

When it comes to sex tech, the gadgets that grab the headlines tend to be the sex robots, with their exaggeratedly feminine shapes and artificially intelligent responses to desire.

But the market extends beyond these devices, and one British firm is seeking to challenge the stereotype.

Stephanie Alys, co-founder of Mystery Vibe, describes her firm’s product, the Crescendo vibrator, as a luxury sex toy. With a $180 price tag – £139 in the UK – it’s certainly not cheap.

It’s a silicon-encased device which can be bent into a number of shapes. It can be controlled via a phone app and features wireless charging.

It’s app-powered, but in this age of fierce debate about data privacy and protection, is this most personal of data for sharing?

There is no log-in to the Mystery Vibe app and no data is collected, says Stephanie Alys – although she admits she can see the potential for data analytics in the future.

  • Stream or download the latest Tech Tent podcast
  • Listen live every Friday at 15.00 GMT on the BBC World Service

    “If we put sensors in the silicon that understood indications of arousal, if you understood what turned one person on …. you could start to create content for them, maybe visual content through their smart TV, or even interact with other objects in their smart home – their smart heating, their smart lighting to create a very immersive experience,” she said.

    But is the consumer ready for that?

    “I’m having a hard time imagining getting aroused while knowing that my toy is recording information about me and talking to the other connecting devices in my house,” said Kashmir Hill from Gizmodo.

    She recalled the story of Canadian firm WeVibe, which collected all kinds of data about how its sex toy was being used – but neglected to inform its customers that it was doing so.

    The firm argued that the data helped it to improve its product – but still faced legal action as a result.

How to handle the flood of GDPR privacy updates

Many app users’ inboxes are bulging with requests to review new terms of service and privacy conditions.

And it is no coincidence that so many developers have revamped their small print at the same time.

In just under a month, the EU will introduce a new privacy law that gives Europeans new data protection rights and threatens giant fines for organisations that do not comply.

But making sense of the new terms poses a challenge.

Some companies, including Facebook, are asking members to give explicit consent to new features such as facial recognition.

Others – such as Twitter, Fitbit and Yahoo – have told members that simply continuing to use their products will be interpreted as agreement to the tweaked conditions.

The time-strapped public would be forgiven for thinking the easiest thing to do is to tick the necessary boxes and otherwise plough on regardless, despite the advent of the General Data Protection Regulation (GDPR).

After all, who normally reads this stuff?

  • Are you ready for the EU’s data privacy shake-up?
  • Who controls your data?
  • Facebook seeks facial recognition consent

    But that would be to pass up an opportunity to understand and place limits on how your personal details are being exploited for profit.

    And there is value in knowing what you have signed up for in advance of the next data privacy scandal.

    Digital rights campaign group Privacy International suggests that one way to handle the deluge of documents is to search for instances of the following terms:

    ‘Data providers’

    The phrase may be mentioned in sections that explain what data is being collected and how that is achieved.

    In particular, users should watch out for details of personal information being acquired from third parties that could let the services profile them in unexpected ways.

    ‘Location data’

    The new law explicitly defines the places a person visits in their past and present as being a type of personal data for the first time.

    Organisations are therefore required to detail how such information will be used to identify individuals.

    ‘Affirmative act’

    When consent is required, it must now be given via a clear action.

    The days of automatically signing up people to a marketing campaign because they did not untick a box are over.

    But it’s worth double-checking how consent is being sought to avoid clicking a button without realising its consequences.

    ‘Controller’

    Users based outside the EU should check where the entity is based. Facebook recently switched millions of its users out of the control of its Irish office, which means they will no longer be protected by the European watchdogs enforcing the new legislation.

    ‘Purposes’ and ‘Recipients’

    These terms are often used to inform users what a business will do with their data and with whom they will share it.

    The UK’s Consumers’ Association – known more commonly as Which? – has published its own guide to GDPR.

    It highlights some of the ways you can take advantage of GDPR’s new rights.

    These include the right to object to any decisions taken by organisations based solely on algorithms having analysed your personal data. For instance, you can appeal against a decision to refuse you a job interview based solely on computer analysis of your CV.

    You can also request a copy of the personal data being processed to make software-driven decisions.

    Which’s computing editor told the BBC that people should be aware that if they are unhappy at how their personal information is being used to target ads at them, they can now demand part or all of it to be erased.

    She added that people should also watch out for illegitimate enticements.

    “I saw on Twitter the other day somebody share an email… saying you’d get a free pizza if/when you consented,” commented Kate Bevan.

    “That is a big fat nope – consent can’t be bundled with something else.”

    Those that take the time to wade through all the paperwork may still have questions.

    For example, while an app might have to disclose that it shares data with third parties, it does not necessarily have to name them unless a user personally requests the information.

    “They should always give you a point of contact,” explained Nicola Fulford, head of data protection and privacy at the law firm Kemp Little.

    “If they sent you an email and you have questions, then they should respond to it, although obviously at the moment they may be very busy.”

    View comments

Tech Tent: Questions for Zuckerberg and Cambridge

It was a two-day interrogation with dozens of questions – some of them acute, some of them rambling, a few quite bizarre.

On the Tech Tent podcast this week, we zero in on what Mark Zuckerberg failed to answer during his US congressional appearances, about just how much data Facebook collects – and the control users have over it.

We also try to find out whether something bad is going on at University of Cambridge when it comes to academic use of Facebook data, as Mr Zuckerberg suggested.

  • Stream or download the latest Tech Tent podcast
  • Listen live every Friday at 15.00 GMT on the BBC World Service

    The single most uncomfortable moment for Facebook’s founder was probably when Senator Dick Durbin asked him whether he would share with the committee the name of the hotel where he had spent the night in Washington.

    After a long pause and an embarrassed grin he answered “umm…no!”

    It made the point, according to Senator Durbin, that he was more cautious about his privacy than the average Facebook user who “checks in” without a thought.

    The following day, he was asked by Congressman Ben Lujan about the data collected on people who had never even signed up to Facebook. Again, Mr Zuckerberg appeared uncomfortable. He had never heard of the widely used term “shadow profiles” to describe this kind of data collection.

    Then the congressman took us down an Alice in Wonderland-style rabbit hole, where people who do not use Facebook are told to log in to their Facebook accounts to find out what data Facebook holds on them. “We’ve got to fix that,” he said.

    Frederike Kaltheuner from Privacy International tells Tech Tent that this kind of data collection, with users unaware of what is happening, is all too common – and Facebook is far from the only culprit.

    We also examine the issue raised by Mr Zuckerberg when he was asked whether he planned to sue either Dr Aleksandr Kogan or Cambridge University over the misuse of Facebook data.

    ‘Stronger action’

    He talked of a whole programme at the university, where a number of researchers were building similar apps to that made by Dr Kogan for Cambridge Analytica.

    “We do need to know whether there was something bad going on at Cambridge University overall that will require a stronger action from us,” he said.

    The university fired straight back. Mr Zuckerberg should have known that perfectly respectable academic research into social media had been going on, some of it with the involvement of Facebook employees. And as for Dr Kogan, the university had written to Facebook about its allegations against him but had not received a reply.

    On Wednesday morning, before Mr Zuckerberg’s remarks, I visited the Cambridge Psychometrics Centre and found some acknowledgement of the harm caused to the university’s reputation.

    The Centre, which is located in the Judge Business School, was drawn into the controversy when Facebook banned Cubeyou, another firm that had developed a personality quiz in collaboration with the university’s academics.

    Business development director Vesselin Popov insisted it was opt-in only and was in line with Facebook’s policies at the time, so was not at all like the app developed for Cambridge Analytica by Dr Kogan.

    He told me that Dr Kogan’s work had raised issues for the university: “Even if an academic does something – quote unquote in their ‘spare time’, with their own company – they still ought to be held to professional standards as a psychologist.”

    Dr Kogan and the Cambridge Psychometrics Centre are in dispute over whether a row over his personality app – and the involvement of the centre’s academics – was about ethics or money. I wrote another article about that issue on Friday.

    But the two sides agree that Facebook needs to focus on what commercial businesses do with user data, rather than academics.

    “It’s very clear that Cambridge Analytica and these kinds of companies are the product of an environment to which Facebook has contributed greatly,” says Mr Popov. “Although they might be making some changes today in response to public and regulatory pressure, this needs to be seen as an outcome of very permissive attitudes towards those companies.”

    With an audit of thousands of Facebook apps under way, we may hear more in the coming weeks about just how cavalier some companies have been with our personal data.

    • Stream or download the latest Tech Tent podcast
    • Listen live every Friday at 15.00 GMT on the BBC World Service

Facebook ‘too slow to deal with hack’, says singer

A musician whose Facebook account was hijacked has urged the company to make it easier for people to recover control of their social media pages.

Country and gospel singer Philippa Hanna said Facebook was difficult to contact and took several days to act.

The attacker changed her contact details and username, so Ms Hanna was locked out of her own account, and even mocked her followers.

The company says it has a dedicated reporting channel but is investigating.

Ms Hanna has supported Lionel Ritchie, Leona Lewis and Little Mix on tour and has more than 5,000 friends and 6,000 followers on Facebook.

She was concerned by the hijack because she used her account to promote her music, and her account was linked to another website that stored her bank details.

Automated emails

According to Ms Hanna, South Yorkshire Police told her to look the problem up on Google.

The police force has been contacted by the BBC for comment.

Ms Hanna said she contacted Facebook as soon as she realised what had happened, but found it very difficult to get a response.

“One of the worst things was being stuck in a loop of automated emails telling me to try the same things I had already tried,” she said.

“My friends were trying to report the page, but Facebook kept coming back, saying ‘there’s nothing offensive about this account’.

“There wasn’t the option to say the page had been hijacked. There was a ‘fake account’ option, but mine was not fake. It was stolen.”

Mother ‘unfriended’

Ms Hanna admits that the email address she had used to set up her account was no longer active, so Facebook could not send her a reset link to unlock it.

But she was disappointed that one of Facebook’s automated suggestions was to delete the account.

“After 10 years of building it up, using it for my career as an independent musician, I thought that was not acceptable. It felt like a kick in the guts after 10 years of devoted data entry.”

While the attacker did not make any demands or public posts, the person, who appeared to be logging in from Turkey, did change her friends list and “unfriended” her mother.

The attacker also sent a private message full of laughing emojis to a fan who had messaged the singer about their mental health.

“That was when I got really annoyed – to me this is a public safety issue,” Ms Hanna said.

“I have vulnerable people who trust me and this hacker was mocking that, pretending to be me.”

‘Amazing’ platform

Ms Hanna put a note on Instagram explaining that she had been hacked on Facebook.

When she woke up the following day, she discovered the post had been removed and she had received an email saying somebody had been trying to change her settings.

“It was really eerie – he was censoring my Instagram to keep himself protected.”

She thinks she may have come to the attention of the hacker after a video of her singing an Ed Sheeran song went viral, attracting more than 18 million views.

“I certainly don’t hate Facebook. It’s an amazing platform,” she said.

“But it really needs to give serious thought into how to protect people.”

Dedicated reporting channels

Ms Hanna says she now has her account back.

“The lady who eventually helped me was an angel. There are amazing, clever people at Facebook – but its far too hard to get to them,” she said.

“There should be an emergency helpline. I would gladly have paid a premium charge to speak to someone if only it had been an option. It would have been worth doing to protect my followers.”

Facebook said it was investigating what had happened.

It said: “We want everyone to have a positive experience on Facebook which is why we have a dedicated reporting channel on our Help Centre for people to secure their account if they think it has been compromised.”