Remember meForgot password?
    Log in with Twitter

article imageFacebook admits contact information for 6 million users exposed

By Leigh Goessl     Jun 23, 2013 in Internet
Facebook said on Friday the contact information for millions of users may have been breached. It was recently discovered a bug exposed some user information.
Facebook made an announcement on Friday that admitted as many as 6 million users of the network may have had their contact information exposed. According to the Washington Post, the bug was found and reported to the company's security team.
Facebook makes an announcement
"We recently received a report to our White Hat program regarding a bug that may have allowed some of a person’s contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them," Facebook said in its announcement.
"Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook," the social network giant also said. "As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection."
The DYI tool was temporarily shut down while the bug was being fixed, said Facebook. However, it is possible the contact information could have been downloaded when people downloaded their own information while the bug was still active.
Millions of users affected by the bug
It appears approximately 6 million network users were exposed, but the company indicated the information was very specific. Facebook said no other types of personal or financial information was breached. According to Reuters, it appears the information has been exposed since sometime in 2012.
"We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals," Facebook said. "Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool."
Facebook is 'upset and embarrassed' by bug
At this time, Facebook says there is no evidence the bug was used in a malicious fashion. The company did say that while likelihood of the information used for nefarious purposes was low since the information shared was likely shared anyway with their friends, but noted they were still "upset and embarrassed" by the exposure.
Affected users should receive an email from Facebook.
Privacy issues and Facebook's stock performance
As AdWeek noted, this breach isn't going to help Facebook's reputation when it comes to privacy issues.
The company has had many problematic issues with privacy over the years and has weathered several privacy firestorms. In 2012, the company settled with the U.S. Federal Trade Commission. As a part of the settlement, the company must adhere to regular audits for 20 years.
TechCrunch posted an interesting tidbit:
Another tipster told TechCrunch she had one email address compromised but noted she cannot figure out how the email was even obtained by Facebook as it appears to be for a former work place, is no longer valid and was never directly associated by her with her account — suggesting Facebook is automatically harvesting contact data from other Facebook users and associating it with other accounts.
If this is occurring, this could be problematic for even those users who are very careful about giving the network any information. TechCrunch said they reached out to Facebook to get more information about how data is gathered.
Since the company went public last year, it's stock has been lackluster at best. Breaches are likely not going to help the company build itself into a well-performing stock.
At this time it is not certain if this announcement on Friday night will impact its stock value come Monday since the market was closed by the time the announcement was made. When the market closed on Friday at 4 p.m. ET Facebook stock was priced at $24.53, slightly up.
A copy of the letter Facebook is sending out (courtesy TechCrunch)
Example of an email sent to some Facebook users affected by a data exposure
Example of an email sent to some Facebook users affected by a data exposure
Facebook (courtesy TechCrunch)
More about Facebook, privacy breach, Breach, data exposure, facebook breach
Latest News
Top News