“If you ever need info about anyone at Harvard, just ask,” wrote a 19-year-old Mark Zuckerberg. The year was 2004, and Zuckerberg, then still a Harvard student, had just launched a new social network that was at the time called “The Facebook.”

“I have over 4,000 emails, pictures, addresses, SNS” he continued.

Zuckerberg’s friend, whose name is redacted in the chat logs, expressed disbelief. “What? How’d you manage that one?” Zuckerberg’s response speaks for itself:

Zuckerberg: People just submitted it.

Zuckerberg: I don’t know why.

Zuckerberg: They “trust me”

Zuckerberg: Dumb f*cks.

Who knew he’d be testifying before Congress about protecting his user’s privacy fourteen years later? Hopefully, our Congressmen and women didn’t “trust him” – because we know what Zuckerberg then must think of them.

Merely exploiting the user data provided to him while at Harvard was hardly the only extent to which Zuckerberg abused the platform he’d created (or stolen, given on your take).

According to the Business Insider, three Harvard seniors, Cameron Winklevoss, Tyler Winklevoss, and Divya Narendra, had accused Zuckerberg of misleading them. According to their charges, Zuckerberg agreed to help them build a social network called HarvardConnection.com, but he was instead building a competing product (Facebook).

The accusations led to an investigation by the Harvard Crimson (the school’s student paper), and Zuckerberg was desperate to make sure nothing negative about him was published. So what did he do?

Zuckerberg decided to access the email accounts of Crimson editors and review their emails. How did he do this? Mark used his site, TheFacebook.com, to look up members of the site who identified themselves as members of the Crimson. Then he examined a log of failed logins to see if any of the Crimson members had ever entered an incorrect password into TheFacebook.com.

If the cases in which they had entered failed logins, Mark tried to use them to access the Crimson members’ Harvard email accounts. He successfully accessed two of them. In other words, Mark appears to have used private login data from TheFacebook to hack into the separate email accounts of some TheFacebook users.

And with that, he could read through their emails, to satisfy his curiosity that nothing negative would be published about him.

Ironically, this is probably more embarrassing than the accusations of the three seniors.

Should Facebook overhaul its user policy to protect the privacy of its members? Share your thoughts in the comments section below!