I personally find it a little difficult to believe that this was a security researcher. Exploiting a vulnerability (against the rules of engagement), _and_ uploading a web shell?
Seems more likely that Facebook wasn't thrilled that Orange included the details of an existing, unknown Facebook compromise in his write-up.
