- Lightsaber dueling is now an official sport Monday 9:39 PM
- ‘Fake plane challenge’ takes off on TikTok Monday 8:15 PM
- Video meme of a mom dancing with her kids goes viral—again Monday 7:26 PM
- ‘Due to personal reasons’ meme enables questionable behavior Monday 3:36 PM
- Why do white rappers write lyrics about being good hypothetical dads? Monday 3:29 PM
- Roger Stone posts, then deletes, Instagram of his judge with small crosshairs next to her Monday 2:32 PM
- People are Googling Rihanna and their birthday in a Twitter challenge Monday 2:13 PM
- Here are all of the Fortnite earthquake cracks thus far Monday 1:21 PM
- New Apex Legends characters leaked by data miners Monday 12:36 PM
- Ken Jeong falls back on crude humor and lazy stereotypes in ‘You Complete Me, Ho’ Monday 12:24 PM
- 14 artsy cartoon mugs that’ll help make your days more creative Monday 12:15 PM
- Netflix cancels ‘Jessica Jones’ and ‘The Punisher’ Monday 11:26 AM
- YouTube is fueling the rise in flat earth believers Monday 11:04 AM
- Review: Crackdown 3 is not a world worth saving Monday 11:00 AM
- Scathing privacy report calls Facebook a ‘digital gangster’ Monday 10:50 AM
The personal contact information for an estimated 6 million users was compromised recently, Facebook announced late Friday.
Due to the bug, information that Facebook normally uses to recommend friends, including emails and phone number, was included in their own contact details. So whenever users downloaded an archive of their Facebook account through the Download Your Information (DYI) tool, they also downloaded these emails and phone numbers, regardless of whether their friends had made the details publicly available.
Facebook was alerted to the bug by its White Hat program, which encourages developers to report vulnerabilities on the site for a monetary reward. The site immediately disabled the tool and brought it back online the following day.
“There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals,” the company explained on the Facebook Security page.
The company stressed that it has no evidence that any of the contact information inadvertently shared through the bug was maliciously exploited and it believes that the bug’s impact was minimal.
“Your trust is the most important asset we have, and we are committed to improving our safety procedures and keeping your information safe and secure,” Facebook said.
Facebook said that it has notified regulators in the U.S., Canada, and Europe, and the company is in the process of contacting the affected users by email.
It’s not the first privacy scare for Facebook users this year. In January, a bug in the popular curation tool Storify allowed users to publish any status update shared by their friends on Facebook, whether they were private or not. Earlier this month, critics alleged that Facebook’s new Swedish data center allowed for unfettered snooping on user data, thanks to a law permitting the government to listen in on any data that passes its borders.
Illustration by Jason Reed
Michelle Jaworski is a staff writer and the resident Game of Thrones expert at the Daily Dot. She covers entertainment, geek culture, and pop culture and has brought her knowledge to conventions like Con of Thrones. She is based in New Jersey.