Facebook admits year-long data breach exposed six million users

SAN FRANCISCO Sat Jun 22, 2013 12:21am BST

Mark Zuckerberg, Facebook's co-founder and chief executive introduces 'Home' a Facebook app suite that integrates with Android during a Facebook press event in Menlo Park, California, April 4, 2013. REUTERS/Robert Galbraith

Mark Zuckerberg, Facebook's co-founder and chief executive introduces 'Home' a Facebook app suite that integrates with Android during a Facebook press event in Menlo Park, California, April 4, 2013.

Credit: Reuters/Robert Galbraith

Related Topics

Quotes

   

SAN FRANCISCO (Reuters) - Facebook Inc has inadvertently exposed 6 million users' phone numbers and email addresses to unauthorized viewers over the past year, the world's largest social networking company disclosed late Friday.

Facebook blamed the data leaks, which began in 2012, on a technical glitch in its massive archive of contact information collected from its 1.1 billion users worldwide. As a result of the glitch, Facebook users who downloaded contact data for their list of friends obtained additional information that they were not supposed to have.

Facebook's security team was alerted to the bug last week and fixed it within 24 hours. But Facebook did not publicly acknowledge the bug until Friday afternoon, when it published an "important message" on its blog explaining the issue.

A Facebook spokesman said the delay was due to company procedure stipulating that regulators and affected users be notified before making a public announcement.

"We currently have no evidence that this bug has been exploited maliciously and we have not received complaints from users or seen anomalous behaviour on the tool or site to suggest wrongdoing," Facebook said on its blog.

While the privacy breach was limited, "it's still something we're upset and embarrassed by, and we'll work doubly hard to make sure nothing like this happens again," it added.

The breach follows recent disclosures that several consumer Internet companies turned over troves of user data to a large-scale electronic surveillance program run by U.S. intelligence.

The companies include Facebook, Google Inc, Microsoft Corp, Apple Inc and Yahoo Inc.

The companies, led by Facebook, successfully negotiated with the U.S. government last week to reveal the approximate number of user information requests that each company had received, including secret national security orders.

(Reporting by Gerry Shih; Editing by Richard Chang)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.