Many major companies suffer data breaches over the course of the year, but now one of the most recognizable names on the Web has revealed that it too was victimized by an incident that took nearly a year to recognize.
Facebook recently revealed that it suffered a data breach for a period of several months or more that exposed the contact information for some 6 million users who had set that data to be private, according to a report from the massive social network’s security blog. In particular, the Facebook data breach came as a result of a bug in the available option to download all contact information for Facebook friends, as well as people who had been suggested as friends using the company’s various algorithms.
The bug was first reported to Facebook some time ago by a third-party security expert, and was remediated within 24 hours of the information having been received, the report said. However, the Facebook data breach was not revealed until more recently because of the company’s internal policies about contacting various regulators about the issue, and trying to get into contact with those affected by the incident, prior to a public acknowledgement.
“Even with a strong team, no company can ensure 100% prevention of bugs, and in rare cases we don’t discover a problem until it has already affected a person’s account,” the blog entry said. “This is one of the reasons we also have a White Hat program to collaborate with external security researchers and help us ensure that we maintain the highest security standards for our users.”
The company further noted that the Facebook data breach did not, as far as it can tell, lead to any such information being used maliciously for the period in question, and that in nearly all cases that data was limited to being accessed by one person, the report said. Further, the exposure of these contact details for users was all that was available; financial or personal data beyond that was not exposed. Finally, only Facebook users, and not advertisers or developers, could gain access to it.
Data breaches can expose all sorts of personal and financial information on consumers in a variety of ways, depending upon the companies suffering them. For this reason, Americans should keep a close eye on all their financial accounts and documents, including credit card bills, bank statements and credit reports, to make sure they have not been exposed.