Personal details of about six million people have been inadvertently exposed by a bug in Facebook's data archive.

"> Personal details of about six million people have been inadvertently exposed by a bug in Facebook's data archive.

">

Radio Sandwell Miscellanea

Millions exposed by Facebook data glitch

2013-06-24 23:53:08

Facebook
Facebook said the impact of the data disclosure
was "minimal"

Personal details of about six million people have been inadvertently exposed by a bug in Facebook's data archive.

The bug meant email and telephone numbers were accidentally shared with people who would not otherwise have had access to the information.

So far, there was no evidence the data exposed was being exploited for malicious ends, said Facebook.

It said it was "upset and embarrassed" by the bug, which was found by a programmer outside the company.

Bug bounty

The data exposure came about because of the way that Facebook handled contact lists and address books uploaded to the social network, it said in a security advisory.

Typically, it said, it analysed the names and contact details on those lists so it could make friend recommendations and put people in touch with those they knew.

The bug meant some of the information Facebook generated during that checking process was stored alongside the uploaded contact lists and address books.

That meant, said Facebook, that when someone had downloaded their profile this extra data had travelled with it, letting people see contact details that had not been explicitly shared with them.

An investigation into the bug showed that contact details for about six million people were inadvertently shared in this way. Despite this, Facebook said the "practical impact" had been small because information was most likely to have been shared with people who already knew the affected individuals.

The bug had now been fixed, it added.

Facebook was alerted to the bug by a member of its "White Hat" program who checks the site's code for glitches and other loopholes. A bounty for the bug has been paid to the programmer who found it.

Security analyst Graham Cluley criticised Facebook's release of the information just before the weekend and said the disclosure had been more about "damage limitation" than making sure the information reached as wide an audience as possible.

Source: bbc.co.uk

Share this story

Related Stories

Miscellanea around the web

SEA MONSTER MYSTERY: Beast washes up on British beach leaving experts BAFFLED

Life on Mars: 'Fossilised skull' found on Red Planet evidence of ancient alien UFOs?

Cat named Pawfficer Donut to serve with police

End of the world: Christians believe THESE are the signs of the apocalypse

'Hello kitties' turns to 'beware bobcats' in Texas

Dr Dre loses name battle with gynaecologist Dr Drai

Donald Trump's hotel in Scotland bans Irn-Bru

Zoo in trouble after taking bear out for ice cream

Sharks really like jazz music, scientists say

Life after death? Woman ‘meets angel’ in shock glimpse of the afterlife

Image Slider