Facebook and Instagram parent company Meta Platforms reportedly fired or disciplined more than two dozen employees and contracted security guards who exploited an internal tool to take over user accounts, The Wall Street Journal reported, citing documents and sources familiar with the matter.

Among the fired employees were contractors who worked as security guards stationed at Meta facilities and were given access to the Facebook parent’s internal system known as “Oops” (short for Online Operations) used for resetting user accounts, which is supposed to be off limits to the vast majority of Facebook users.

As per the report, users who were locked out of their Facebook accounts often weren’t able to regain access through traditional means, such as reaching out to Facebook via email or phone. So, some users resorted to seeking outside sources who have contacts within Meta who were willing to unlock accounts for them.

In some cases, according to documents viewed by WSJ, workers accepted thousands of dollars in bribes from hackers to compromise or access user accounts. The terminations or discipline was a result of an internal investigation led by Meta executives.

Meta is also investigating some former employees for remaining in contact with other workers, allegedly to hijack user accounts, the report said.

According to the publication, the fired security guards were not actual Meta employees, but worked for a contractor, Allied Universal. The contractor’s spokeswoman told WSJ that the company “takes seriously all reports of violations of our standards of conduct.” The report also notes that recently Allied has limited its employees’ use of internal systems, warning that they “DO NOT use the Meta OOPS platform.”