In a post to the company’s security blog this afternoon, Facebook said that it had accidentally disclosed phone numbers and email addresses for six million of its users.
The information was released because of a bug in Facebook’s Download Your Information tool that accidentally gave users additional contact info for friends, or friends of friend,s that was included in the company’s friend suggestion system. According to Facebook, only email addresses and phone numbers were affected by the bug, not any other personal or financial information.
The good news is that if you were affected your info is probably in the hands of someone you know, or someone who Facebook might count as a friend of a friend, and your contact information hasn’t been distributed far and wide.
“For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person.”
The leak was found by a security researcher, who reported it to Facebook through the company’s White Hat program.
Facebook says that it is currently in the process of emailing users whose data was affected by the bug.