Facebook blogs, emails people about potential bug that allows access to contact information

Facebook blogs, emails people about potential bug that allows access to contact information

Facebook just disclosed that that their White Hat program has discovered a potential bug that could allow contact information, including email and phone numbers, to be accessed by other uses who have some type of existing connection. You can see a copy of the email above, which they're proactively sending affected users. In a blog post, though buried after several paragraphs of mitigation, Facebook said:

Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection. This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool.

It's a lot to unpack, so read it carefully. If you received an email, read it doubly carefully. Then let us know what questions, concerns, and overall thoughts you might have.

Source: Facebook

Have something to say about this story? Share your comments below! Need help with something else? Submit your question!

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, Vector, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts

 

3
loading...
0
loading...
28
loading...
0
loading...

← Previously

Now that there’s iOS in the Car, what are the odds of iOS on the Camera? [Poll]

Next up →

Airmail for Mac updated with Google Drive support, Droplr integration, and more

Reader comments

Facebook blogs, emails people about potential bug that allows access to contact information

6 Comments

This is so ridiculous stop asking for my information and you can't even keep it safe!!!!!

And once again, it won't even slow down the number of Facebook users. They'll keep punching in whatever info FB asks for.

So my friends (if used properly) could have seen my contact information if they had used an obscure tool on Facebook. For most people this sounds like a non-issue. What is the point of having real friends if they can't be allowed to have your contact information.

"...that could allow contact information, including email and phone numbers, to be accessed by other uses who have some type..."

Should that be "users"?

This is a childish mistake and one that would be impossible to make if Facebook had a policy of reviewing it's software for privacy flaws like it should (and probably doesn't).

On the other hand, as others have pointed out, this is only of issue to those who have "friends" on Facebook that are not actually one's "friends." I realise that this is the majority of people on Facebook, but to me, if you have a "friend" on Facebook, that is someone you wouldn't share your phone number or address with, then you are using the term "friend" incorrectly.