[Dataloss] Facebook publishes privacy information

[Henry Brown]

ONLY Birthdates but...



http://www.securitypark.co.uk/security_article.asp?articleid=261853&Categoryid=1

Personal information accidentally publicly revealed on Facebook

Facebook accidentally publicly revealed personal information about its 
members, which could be useful to identity thieves. Earlier this month, 
the full dates of birth of many of Facebook's 80 million active users 
were visible to others, even if the individual member had requested that 
the information remained confidential.

According to Graham Cluley, senior technology consultant at Sophos, a 
security slip-up by the website during the process of a public beta test 
of its new design for members' profiles left birth date information exposed.

"I was shocked to see people's full date of birth revealed, even though 
I knew they had their privacy set up correctly to supposedly hide the 
information," said Cluley. "It's essential that users of social networks 
should have confidence that their privacy will be protected - and it's 
especially important with information like your date of birth, which can 
be a golden nugget for a committed identity thief."

Cluley says he informed Facebook as soon as he discovered the flaw, 
which now appears to have been fixed.

"It's good that Facebook fixed the problem - but can people feel 
confident that this kind of mistake won't happen again in future?" he 
asked. "My advice to Facebook users would be, even if your date of birth 
is set to be non-visible, change it to a made-up date in case this kind 
of blunder happens again. Facebook and other social networking websites 
need to be more careful about protecting their members' data, or risk 
losing users."