Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Bug Exposed 6 Million Users

Posted by Soulskill on from the just-a-handful dept.

jamaicaplain sends this quote from the NY Times: "Facebook has inadvertently exposed six million users' phone numbers and e-mail addresses to unauthorized viewers over the last year, the company said late Friday. Facebook blamed the data leaks, which began in 2012, on a technical flaw in its huge archive of contact information collected from its 1.1 billion users worldwide. As a result of the problem, Facebook users who downloaded contact data for their list of friends obtained additional information that they were not supposed to have. Facebook's security team was alerted to the problem last week and fixed it within 24 hours. But Facebook did not publicly acknowledge the flaw until Friday afternoon, when it published a message on its blog explaining the situation."

16 of 75 comments (clear)

  1. The bug was by Anonymous Coward · · Score: 2, Insightful

    That it didn't expose them to advertisers.

  2. They have to fix it fast. by 140Mandak262Jamuna · · Score: 4, Insightful

    This highly confidential data is very valuable thing and the most important thing Facebook is selling to its "partners". Leaking this information for free without collecting revenue is highly detrimental to the company. They have since fixed the problem, it is all well and good. You now have to become a "partner" and pay the required fees to Facebook to get such confidential data.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:They have to fix it fast. by swillden · · Score: 4, Informative

      I feel funny defending Facebook, but unless they're blatantly violating their own published privacy policy, they don't sell personally-identifiable information to others. While it's possible they're intentionally violating their policy, I think that's unlikely.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    2. Re:They have to fix it fast. by PolygamousRanchKid+ · · Score: 4, Insightful

      I feel funny defending Facebook, but unless they're blatantly violating their own published privacy policy, they don't sell personally-identifiable information to others. While it's possible they're intentionally violating their policy, I think that's unlikely.

      I feel funny defending the NSA, but unless they're blatantly violating their own published privacy policy, they don't spy on US citizens. While it's possible they're intentionally violating their policy, I think that's unlikely.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:They have to fix it fast. by davester666 · · Score: 2

      Yes, they don't SELL pii to others.

      They only RENT it.

      --
      Sleep your way to a whiter smile...date a dentist!
  3. What's a facebook? by I'm+New+Around+Here · · Score: 5, Funny

    I don't act smug and superior when I tell people I don't have a Facebook page.

    But I think I should start.

    --
    If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
  4. Testing by hurwak-feg · · Score: 2

    It would be interesting to see their test cases. This seems like their test cases weren't very well thought out. Or the more cynical view is testing takes time and money to pay people to do the testing. Its cheaper to just deploy the application.

    1. Re:Testing by ebno-10db · · Score: 5, Insightful

      Test cases? We're talking about Facebook - the company that often tests software by just going live with it. Some people call this rapid development, but I call it sloppy garbage.

    2. Re:Testing by 140Mandak262Jamuna · · Score: 2

      You call it sloppy garbage. The all knowing market with its invisible hand thinks it is worth a few billion dollars.

      --
      sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    3. Re:Testing by ebno-10db · · Score: 3, Insightful

      The all knowing market also brought us the tulip bulb bubble, and that invisible hand is reaching for your wallet.

  5. faceboo cannot arrest, imprison, rape, kill by decora · · Score: 2

    people, at least not that i know of.

    people who cannot comprehend the difference between a priavte corporation, with your consent, sharing your information, and government agencies obtaining your email without warrant, are

    1. uneducated
    2. ignorant
    3. i kind of worry about what their view on consent in other areas of life is, like sex.

  6. The bug that exposes your info by FuzzNugget · · Score: 2

    It's just called "Facebook"

  7. Criminal Liability? by Secret+Agent+Man · · Score: 2

    Is there any sort of punishment available for this? When a company hoards massive amounts of data, and it gets leaked, does anything happen other than "sorry, guess we goofed"?

    This is one of the many reasons I don't like companies (or the government)sitting on so much data like this: If they have it, someone else will get it.

  8. CODE SCHMODE by JeanInMontana · · Score: 2

    Facebook code is rewritten every Tuesday. On Wednesday expect things to be FUBAR and forget weekends when use is even higher. Anyone with an account must accept the fact they are in no way safe, secure or private in anyway no matter how diligent one is in trying to keep up with the ever changing settings and reverts to default.

    --
    *Think globally~Dream universally*
  9. where did FB get my phone # and birthday? by RavenManiac · · Score: 2

    I didn't give it to them. Neither are mentioned in any posts.

    I don't want to display that and wish to delete. Does Google+ do that? I suspect they can, but may not.

  10. Security kudos by AnotherAnonymousUser · · Score: 2

    You have to admit, for all the Facebook bashing that happens, the fact that hacks, break-ins, and bugs of this nature are so uncommon, given that they're dynamically managing a userbase of a billion people, is an impressive task.

    When break ins or bugs do occur, they happen in a very big and very bad way, as a single bug affects millions, and there's a lot of people I wouldn't want seeing my personal data. Most of us here seem to take the stance of locking down our Facebooks, keeping what's posted at a minimum, and generally keeping it at a distance with a ten foot pole, but there's admittedly very little respect for Facebook managing to be more or less secure from a technical standpoint. Now, their change deployment policy is god awful, but that's a different piece altogether...