Skip to main content

Facebook says security mishap exposed 6 million users’ contact info

fb security issueReally … another security breach? We thought Facebook would have things all figured out after it once mislabeled “phone number” as “email address”, confusing a lot of people and app developers in the process. But the major mishap of unwittingly unleashing users’ phone numbers into the Internet wild has happened yet again: Facebook just announced that a bug may have unveiled personal information provided by over 6 million Facebook users.

The bug reportedly caused some of the information usually sent by Facebook to make contact suggestions and lessen the number of friend invites – like the user’s phone number or email address – to be accidentally stored as part of the user’s public contact details. As a result, if a person decided to use the Download Your Information (DYI) tool to access a full archive of their Facebook account, it would include all the emails and phone numbers of all their friends, whether they intended to share it or not.

Related Videos

The social networking site was made aware of the security bug by its own White Hat program, an initiative that financially rewards developers who successfully report weaknesses in the Facebook system. Facebook temporarily took the tool down and put it back online a day after the bug was initially reported. “There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals,” Facebook assured users on its official Security page. “For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person.”

Facebook ended their notice with the assertion that no evidence has been found proving that the vulnerable information was used in a malicious manner and that no user has filed a complaint for unusual account activity. The company tried to lessen the blow a tiny bit by noting that the bug’s effect is probably negligible, since the people who likely received their friends’ personal information could have already had access to the contact info in the first place. Nonetheless, Facebook was right to apologize to the public and promised to “work doubly hard to make sure nothing like this happens again.”

Facebook is currently in the process of notifying the 6 million individuals who were affected by the breach via email.

Editors' Recommendations

What is Reddit?
A person using Reddit on a Macbook.

If you spend a lot of time online, chances are you’ve heard of Reddit. The site once billed itself as the “front page of the internet,” and that’s not an empty boast. As of November 2022, Reddit is the fourth most visited site in the U.S., according to Semrush, and the sixth most visited worldwide. So, what exactly is Reddit? Essentially, it’s a massive collection of forums where people can share news and content or comment on other people’s posts. Here's everything you need to know.
Further reading

Best subreddits
Most popular YouTube videos

Read more
How to undo reposts on TikTok (and why you should)
Undo Repost button on the TIkTok app.

Like most social media apps, TikTok allows its users to repost content they like so that they can show their followers. However, unlike apps like Twitter that make it clear exactly how to un repost and when you've successfully undone it, TikTok is a little more vague.

Read more
Instagram’s new Notes feature rolls out with several others
Instagram's new Notes feature, released in December 2022.

Instagram continues to bring new features to its popular app, this week announcing Notes along with several others.

https://twitter.com/instagram/status/1602721854921134080

Read more