Facebook released a security note today that their security team has identified a system glitch that may have exposed the contact information of six million users.
The bug may have revealed the email addresses and phone numbers of those who had set their contact information private or exclusive to their friends only. Users were not aware that this glitch happened last Friday but Facebook’s White Hat program, the company’s security program, was brave enough to admit the incident.
Facebook did not detail the cause of the system glitch but they explained how it happened. They linked it to how they set up the social networking site to match the contact information uploaded on a user’s account to other users in order to create friend recommendations. For example, once a user uploads his email address, the site will send friend invites to people added on that email addresses for them to sign up for an account to Facebook.
The system glitch unintentionally added other contact information in Facebook without the user’s permission. It is better to check your contact information now to see if there are phone numbers or email addresses added there without your permission. Some of this information were said to be inaccurate as these were generated from the DYI tool of other users.
The security team disabled the DYI tool to resolve the system glitch and had the tool fixed before they restored its operation the following day.
Upon evaluation of the accounts affected, they found out that all contact information was revealed to only one user which they didn’t reveal the name. They clarified that no financial information were compromised during the glitch and that advertisers and developers had no access to the information.
Facebook had not received any complaint from any users during the system glitch so they considered the impact minimal yet they were embarrassed about this incident. They will be sending the affected users an email in the next few days.
