Facebook is alerting 6 million of its users that their e-mails or phone numbers were inadvertently shared with other members. So is it another reason to condemn social networking sites
A lot of us make a cardinal mistake in operating with social networking sites. We use the same passwords such as our email accounts, upload personal details such as phone numbers etc. Knowing the risks that these sites / applications are exposed to (by nature of them being public spaces) user discretion is advised rather than blame it on security of social networking sites
Facebook is alerting 6 million of its users that their e-mails or phone numbers were inadvertently shared with other members. The social network said that it has discovered and patched a bug in its “Download Your Information” tool that unintentionally exposed some members’ contact details. The bug was reported through the company’s White Hat program, which rewards security researchers for reporting vulnerabilities. The bug was fixed within 24 hours, a company spokesperson told CNET.
“It’s … something we’re upset and embarrassed by,” Facebook said in a note published to its security blog. “We’ll work doubly hard to make sure nothing like this happens again.” The glitch itself is a bit difficult to explain, but essentially if one choses to download a copy of data, their Facebook archive may have included the phone number or e-mail address of any person who they are connected to. The extra information was provided because of a hiccup during the friend recommendation process.
Facebook explained the situation security blog with the following description:
When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. For example, we don’t want to recommend that people invite contacts to join Facebook if those contacts are already on Facebook; instead we want to recommend that they invite those contacts to be their friends on Facebook.
Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DIY) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection. This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool.
Facebook said that it has no knowledge of the bug being used maliciously and that it has not received any complaints from users. Still, the company has notified regulators in the U.S., Canada, and Europe of the matter. Affected members will receive an e-mail that provides insight around their contact information that was shared and the number of people it was showed to, the spokesperson said.
Read the news article at https://news.cnet.com/8301-1009_3-57590528-83/facebook-bug-exposed-contact-info-of-6m-users/
Comments are closed.