Social networking giant, Facebook, Inc(FB), Friday reported a security bug that negligently exposed personal account information of six million users. Facebook added that it temporarily disabled the Download Your Information or DYI tool to clear the issue, and turned it on after the bug got fixed. On the Facebook Security page, the site's White Hat team said that giving out an explanation of why the bug popped would be technical but instead added a brief detail of how it happened.
The team said that when people key in their address books to Facebook, they try to match the given data with the correct information of their people on Facebook, which would help them generate friend recommendations. The bug compromised the contact information and inadvertently stored it in association with people's contact information as part of their account on Facebook.
Due to the bug, if a person wanted to download an archive of their Facebook account through the DYI tool, they might have been given some additional email addresses or numbers for their contacts with whom they monitor some connection. Facebook said that for every email address or number misplaced due to the bug, each individual piece of information was included in the download 'only once or twice.'
Furthermore, Facebook said that there is no evidence that the bug has been exploited maliciously and the company has not received any complaints from its users. The California-based firm added that the impact of the bug is likely to be minimal since the number or mail id shared would be known to the users, as they would have connection with the person whose contact has been compromised. The company already notified regulators in the US, Canada and Europe and it is in the process of notifying affected users through mail.
For comments and feedback: editorial@rttnews.com