Yesterday, Facebook Security posted a note about a recent bug that was discovered by their White Hat program that could have compromised the contact information of up to 6,000,000 users.
According to the note, “a bug that may have allowed some of a person’s contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them.”
Facebook went on to say that describing how the bug worked was pretty technical but it’s related to the contact list / address book upload feature on the platform. Facebook basically made a boo boo on matching up personal data and connections.
When people used the DYI (Download Your Information) tool, it’s possible that they also received additional email addresses and phone numbers for their contacts and even people with whom that they have no connection. The good news is that developers and advertisers do not have access to this tool.
Facebook assured users that they have found no evidence of this bug being used maliciously and that affected user information was likely shared with only one person. Facebook immediately disabled the DYI tool and squashed the bug within a day.
Facebook concluded the note by apologizing and stating that they will work even harder to make sure something like this doesn’t happen in the future.
SocialSafe helps you to create your library of you. It’s the safest place for your online life. Downloaded to your computer, auto organised and instantly searchable. Supports most major social networks.
BitDefender Safego is a Facebook application you can install that will scan your News Feed and help keep you safe from scams on Facebook.
PRIVATE WiFi® is a Personal VPN that encrypts everything you send and receive. Don’t access Facebook from a public WiFi hotspot without it.