September 5, 2011
The hack was discovered by security blog Naked Security and works by providing new admins with the same administrative rights as the page creator, even though Facebook FAQ clearly notes that the “original creator of the Page may never be removed by other Page admins.”
While that’s the way the program “should” work, the video shown below clearly shows a different type of system in which any administrator can kick out an original admin, even if they are the person who created the page.
According to the Register Facebook FAQ errored in terminology, in any case, the reality of the situation doesn’t match the rights of page owners and administrators.
Here’s the video showing the error: read more