Facebook Bug Exposes Data Of 6 Million Users

Facebook revealed in a security update announcement that a bug had made the data of six million users vulnerable. Apparently it was possible to use Facebook’s data export tool to reveal six million email addresses and usernames.Facebook says the data was not widely leaked and the data only reached a handful of people most of which would of known a lot of people on the list of exposed data as it was based on contact data similarities.

Normally Facebook asks you to import contact data from other social networks, email or your phone and then this would be stored privately and securely from the main user data. At no stage should the data be shared with anyone and is only meant for use in a people-data matching algorithm. Yet somehow the data did get stored to some people’s accounts and Facebook was made aware of the bug in its “White Hat” program which offers up cash sums for finding bugs and exploits in the website.

“We’ve concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool.”

Image courtesy of Facebook