Bangalore: Facebook‘s multi-level security options can make any normal user feel secured about the data they share on timelines. But a major security glitch was exposed by a WhiteHat hacker right on the timeline of Facebook CEO, Mark Zuckerberg.

Khalil Shreateh, a Palestinian developer and hacker discovered a security flaw on Facebook, a loophole to bypass Privacy and Security settings of any random Facebook user and to post on their timeline. On his personal blog, Khalil explained the events that followed after he tried to get Facebook security team’s attention on possible vulnerabilities.

He claimed to have sent a full description of the bug with proof of its existence through screenshots of live exploits he made on the timeline of Mark’s former college classmate, Sarah Goodin. Unfortunately the Facebook Security employee didn’t give the needed attention to his repeated bug reports and only sent back a short intimation which stated: “I’m sorry this is not a bug”.

This left the Palestinian hacker no other choice but to report the issue to Facebook CEO, right on his timeline. This rogue exploit got the needed attention from Facebook Security team who temporarily disabled his account “as a precaution” while they fixed the bug. The WhiteHat Security Feedback page encourages developers world-wide to report vulnerable bugs found on Facebook in order to make the platform more secure for its users. It also offers at least $500 for finding significant vulnerabilities.

But Facebook says Khalil cannot claim a reward since he violated Facebook’s terms of service by using the bug to access multiple users’ timeline without their consent.