Facebook Inc (NASDAQ:FB) revealed on Friday that its security team received a report to its White Hat Program about a bug affected the accounts of approximately 6 million users. According to the social network giant, the bug exposed personal contact information such as the e-mail or phone number of an account user.
In a blog post, the security team of Facebook Inc (NASDAQ:FB) explained that that the account information of users affected by the bug became accessible to people who have contact or connection with them.
Facebook Inc (NASDAQ:FB) emphasized that describing the cause of the bug can be very technical, but the security team tried their best to explain how the problem happened. According to the security team, “When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations.”
The security team added, “For example, we don’t want to recommend that people invite contacts to join Facebook if those contacts are already on Facebook; instead, we want to recommend that they invite those contacts to be their friends on Facebook.”
Facebook Bug Released Contact Info When Suggesting Friends
According to the social network giant’s security team, the bug mistakenly stored some of the information used to make friend recommendations and to reduce the number of invitations sent to people as part of their contact information on their account on Facebook Inc (NASDAQ:FB).
Users who downloaded an archive of their Facebook account using the Download Your Information (DIY) Tool were provided with the e-mail addresses and telephone numbers of the people whom they contacted or have connection. The social network giant stated that the contact information may have been accidentally included with the contact of the person who used the DIY tool.
Facebook Inc (NASDAQ:FB) said the DIY tool was immediately disabled after the security team evaluated and confirmed the bug. The security team was able to resolve the bug the following day.
Facebook Bug Was Not Used Maliciously
The security team assured that the bug was not exploited maliciously and they did not observe anomalous behavior on the tool or site that demonstrates any wrong doing. The company did not receive any complaints from users, and regulators in Canada, Europe, and United States were informed about the issue.
Meanwhile, Facebook Inc (NASDAQ:FB) recently added a video sharing capability to Instagram, which makes the service more compelling and more lucrative to attract video advertising, according to analysts at RBC Capital Markets.
