Shortly after I created my account in 2007, I deactivated it because I had no intention to use it.

I forgot all about it until 2013, when I checked my e-mail one morning and found a long list of messages from FB, one saying I had "one more step to complete before I could use FB", and another one welcoming me back to it.

I immediatelly reported it wasn't me, using the link provided on the message. And after following the procedures, I had control of the account again.

I signed in to find about 50 people added as "friends" to my account, and spent the rest of that morning deleting everyone, changing stuff that the hacker had changed to suit himself, and setting up a two-step verification using my phone.

I never learned what really happened because FB staff won't tell details to anyone, but my best guess is that FB makes your user name available a few months after you deactivate your account. Someone with the same name as me (or probably wanting to impersonate me for God knows what reason) picked up that name and used it, then FB sent copies of the activation messages to my e-mail. I said "copies" because the hacker had already changed the e-mail and password to his own, but if it wasn't for that, I'd never know until it was too late.

Now I log in every so often just to keep it going, seeing that FB policies seem to be a bit too sketchy.