Blog Post

Hulu halts Facebook Connect after exposing user data

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Updated. Hulu’s Facebook Connect integration apparently isn’t going as planned. The ability to log in is offline as of this writing, with many people reporting issues with the sign-in option earlier today. According to some, those issues led some users to be signed in to other people’s Hulu accounts, exposing their user account data in the process.

For instance, one reader explained his experience by email:

“First time I tried it was accessing my correct facebook [sic] profile, but I didn’t want it to put my last name on my hulu [sic] account and update my profile pic, so I hit cancel. When I was navigated back to hulu’s home page, I was logged in under Eddie T.’s account. I went to his profile and as soon as I realized I was seeing his personal info, I shut the browser (as I hoped someone do if they found themself in my account!)”

The reader didn’t take a screenshot then, but he tried logging in a third, at which point, he was offered the option of merging his Hulu account with the Facebook account of someone named Alexandria. That’s when he snapped this screenshot:

It’s issues like these that have apparently prompted Hulu to discontinue Facebook Connect for the time being, while it sorts the whole thing out. We’ve tried to log in through Facebook Connect on multiple browsers with little success.

We’ve reached out to Hulu, and will update this post when we get an official comment back.

Update: Mike Flacy at Audio Video Revolution has a detailed report — and screenshots! — of his experience logged in as a Hulu employee using Facebook Connect.

Update #2: Hulu has issued a public response to the Facebook Connect issue in the form of a blog post. In it, Hulu VP of Platform Technology Richard Tom notes that the disruption wasn’t caused by hacking, third-party actions or by Facebook Connect, but was due to a configuration error on Hulu’s part. Tom also noted that no one accessed Hulu systems or “highly sensitive user information such as passwords or credit card numbers.” Once the issue is fully addressed, Hulu will try rolling out Facebook Connect again, but in the meantime, it has shut down Facebook Connect capabilities and is requiring all users to log back in with their Hulu info.

6 Responses to “Hulu halts Facebook Connect after exposing user data”

  1. It’s so scary how easily things can go wrong and our information can be linked. Hulu has had it’s problems in the past that have been easily overlooked…but this one is treading the line.

      • It’s really hard to test this specific issue because development & staging servers do not use caching services. You just need someone in house that knows how to deal with it/make sure it does not happen so it does not blow up like this. Sometimes it makes sense to soft launch for discrete testing periods using hidden URL’s on production servers prior to a public/GA launch to catch this type of an otherwise unforeseen issue.

  2. How is Google Plus going to compete with facebook – Launching very soon. I mean they dominate the web… are they going to dominate social media as well? This will be interesting.