- Newsletters
- Videos
- Events
- Resources
- Communities
- Capitalizing on Desktop Virtualization
- The Challenges of OS Migration
- Citrix's Mobile Enterprise 360
- Cloud Powered Work
- Dispelling Myths About Cloud-based Archiving KnowledgeVault Exchange
- The Essential Guide to Managing Power
- Get an Integrated Approach to Data Management
- HP Software Defined Networking
- Realizing the Value of Unified Communications
- A Smarter Approach to Data Protection
- Your IT Journey — Your Way
- Research
- Aruba Networks Bring Your Own Device
- BlackBerry: Build up your BlackBerry® 10 knowledge
- HP Converged Storage Solution Center
- IBM SmartCloud Solutions
- Network World Application Performance Management Challenge 2013
- The 2013 Mobile Application Management Challenge
- Network World The Next Generation Firewall Challenge
- Network World Data Center Challenge 2012
- Network World 2013 WI-FI Challenge
- Riverbed Accelerate Business Performance Solution Center
- Riverbed Cascade® Solution Center
- Webroot - Internet Security Resource Center
- View all Solution Centers
- Insider
- More
You are previewing premium content. Become an Insider to read the full article.
Facebook bug exposes contact information from millions of users
There is no evidence, the company says, that the bug has been exploited maliciously
IDG News Service - A bug on Facebook leaked email addresses and phone numbers provided by some 6 million people on the site to certain other users, the company revealed Friday.
[Worst security snafus of 2012]
What sparked the problem is a bit complicated. The bug caused some of the information that the social network stores to make friend recommendations to be inadvertently stored in association with people's contact information as part of their Facebook account, the company said Friday on its .
As a result, if a person were to download an archive of their account through Facebook's Download Your Information (DYI) tool, additional email addresses or telephone numbers for the person's contacts, or other people with whom the user is connected, might have been displayed, Facebook said.
"We've concluded that approximately six million Facebook users had email addresses or telephone numbers shared," the company said.
"This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool," Facebook explained.
Also, in almost all cases, an email address or telephone number was exposed to only one person, Facebook said. No other types of personal or financial information were included, and only people on Facebook -- not developers or advertisers -- have access to the DYI tool, the company said.
Facebook said the company has no evidence that the bug has been exploited maliciously, and "we have not received complaints from users or seen anomalous behavior on the tool or site to suggest wrongdoing," the company said.
The bug had been live for a year before it was discovered by Facebook's security team last week. Upon confirmation of the bug, the DYI tool was immediately disabled to fix the problem, and it was turned back on the next day after being fixed.
"We'll work doubly hard to make sure nothing like this happens again," the company said.
Facebook is contacting affected users via email.
Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at . Zach's e-mail address is
-
Million-dollar robbery rocks Bitcoin exchange
-
12 jobs getting the biggest raises in 2014
-
HP private cloud service leads the pack, followed by Cisco and Microsoft, Forrester says
-
The Tenth Gibbs Golden Turkey Awards
-
Microsoft reveals Black Friday deals for Surface, laptops
Rss Feed
- Extreme starts anew after Enterasys buy
- Top signs that you've been breached
- Why we are losing the cyber security war and what we can do about it
- How to prepare for cloud-based enterprise mobility management
- Hackathons: Innovative business solution or a breeding ground for future competition?
