Skip to main content

Facebook says security mishap exposed 6 million users’ contact info

fb security issueReally … another security breach? We thought Facebook would have things all figured out after it once mislabeled “phone number” as “email address”, confusing a lot of people and app developers in the process. But the major mishap of unwittingly unleashing users’ phone numbers into the Internet wild has happened yet again: Facebook just announced that a bug may have unveiled personal information provided by over 6 million Facebook users.

The bug reportedly caused some of the information usually sent by Facebook to make contact suggestions and lessen the number of friend invites – like the user’s phone number or email address – to be accidentally stored as part of the user’s public contact details. As a result, if a person decided to use the Download Your Information (DYI) tool to access a full archive of their Facebook account, it would include all the emails and phone numbers of all their friends, whether they intended to share it or not.

Recommended Videos

The social networking site was made aware of the security bug by its own White Hat program, an initiative that financially rewards developers who successfully report weaknesses in the Facebook system. Facebook temporarily took the tool down and put it back online a day after the bug was initially reported. “There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals,” Facebook assured users on its official Security page. “For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person.”

Facebook ended their notice with the assertion that no evidence has been found proving that the vulnerable information was used in a malicious manner and that no user has filed a complaint for unusual account activity. The company tried to lessen the blow a tiny bit by noting that the bug’s effect is probably negligible, since the people who likely received their friends’ personal information could have already had access to the contact info in the first place. Nonetheless, Facebook was right to apologize to the public and promised to “work doubly hard to make sure nothing like this happens again.”

Facebook is currently in the process of notifying the 6 million individuals who were affected by the breach via email.

Jam Kotenko
Former Digital Trends Contributor
When she's not busy watching movies and TV shows or traveling to new places, Jam is probably on Facebook. Or Twitter. Or…
Facebook says Apple didn’t let it tell users about App Store tax
facebook paid event image

Facebook claims Apple made it remove a note that informed users paying for an online event on iOS about the mandatory 30% App Store tax, Reuters reports.

While announcing its new paid online events feature, Facebook committed to a zero-fee policy allowing small businesses and creators to keep 100% of the revenue they generate -- except for if the user is paying on an iOS app. There, due to Apple’s mandatory in-app purchase tax, the social network said it planned to label online event ticket purchases with a message that read: “Apple takes 30% of this purchase.” On Android, the note says: "Facebook doesn't take a fee from this purchase."

Read more
Facebook seeks to protect election integrity with its new voting info hub
Trump with Facebook CEO Mark Zuckerberg stylized image

 

Facebook’s information hub for voting resources, which it announced a few weeks ago, is now available in the United States. The social network wrote in a blog post that by offering quick access to accurate and authoritative voting information, it wants to help “protect the integrity of our elections” and “navigate a confusing election process.”

Read more
Facebook says iOS 14’s new privacy tools could harm its ad business
apple ios 14 beta hands on review siri icon

Apple has made it even more difficult for developers to mine your data on iOS 14. One of the new additions prevents advertisers from covertly tracking you across nearly all apps and websites, and Facebook, for one, is not looking forward to it.

On Facebook’s second-quarter follow-up earnings call, David Wehner, the company’s chief financial officer, called the forthcoming update a “headwind” and said it will “make it harder for app developers and others to grow using ads on Facebook and, really, outside of Apple, to some extent.”

Read more