Facebook Flaw Exposes Private Data for 6M Users

| News

About 6 million Facebook users shared more personal information than they planned thanks to a bug in the social networking service's database system. The flaw was discovered at the end of last week and had been exposing the email addresses and phone numbers of users.

Oops: Facebook exposes private email address and phone numbersOops: Facebook exposes private email address and phone numbers

The company said in a statement,

Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people's contact information as part of their account on Facebook. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection. This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool.

The bug was discovered through Facebook's White Hat program which includes security people from outside the company who are searching for problems like this one. Facebook disabled the DYI tool once it knew about the problem, then brought it back online over the weekend after the bug had been fixed.

According to Facebook, the practical impact of the privacy bug is fairly limited because the people most likely to see the extra information "already had some of that contact information anyway, or who had some connection to one another."

Facebook said it has notified the proper regulatory agencies in the United States, Canada and Europe and is currently notifying affected users through email.

Comments

Lee Dronick

Meanwhile their aesthetically challenged designers recently released a new iOS app.

Andres Arcesio Torres Cano

As appropriate to give out these facts after the spy scandal and which is committed to this company and others to provide information to the government. with apologies will not repair the damage, naive hope that this nonsense.
http://ipservice.com.co/empresas-poligrafia.php

Scott B in DC

It doesn’t matter that Facebook was “open” about their issue. Once again, it shows that their testing and quality control stinks. Rather than have a proper quality assurance program, Facebook continues to play fast and loose with their system in order to shove “products” out the door to extract your private data for their monetary purposes. These people are more hungry for your private information than the NSA.

Before anyone starts in with the malarkey that you can’t write bug-free software, I contend that the number of bugs/defects can be significantly reduced with proper testing methodologies. It’s difficult to do, but doing the right thing is never easy!

If nothing else, these Facebook fiascos makes me want to see the software industry’s version of “Unsafe at Any Speed.”

iJack

”..Unsafe at Any Speed.”

Dude! That really dates you.
And me, for recognizing it.

Log-in to comment