Social networking site has 7.5 million underage users in US, finds report IT security company Symantec has said that Facebook could have inadvertently leaked users' personal information to third parties and advertisers over the past few years.
The revelation comes at a time when there are growing privacy and security concerns about the services of some of the biggest IT companies, including Google, Apple and Sony.
Symantec said in its official blog that a programming bug on Facebook's website could have caused the leakage which included details such as profiles, photographs and chats.
"We estimate that as of April 2011, close to 100,000 applications were enabling this leakage," the blog said.
"Third parties, in particular advertisers, have accidentally had access to Facebook users' accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information," it said.
"Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties."
However, the company said that Facebook has patched the bug and the information of users is now safe.
"Fortunately, these third-parties may not have realised their ability to access this information. We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue."
Facebook has not commented on the matter so far.
Meanwhile, a survey by Consumer Reports has found that last year, the social networking site had 7.5 million underage users in the US alone, a violation of the site's policies which require users to be at least 13 years old.
The Consumer Reports "State of the Net" survey found that over five million of the users were under age 11, adding that more than 5 million US households were exposed to threats such as virus infections and identity theft. Facebook also has one million children who have been bullied on the site, Consumer Reports said.
The revelation comes at a time when there are growing privacy and security concerns about the services of some of the biggest IT companies, including Google, Apple and Sony.
Symantec said in its official blog that a programming bug on Facebook's website could have caused the leakage which included details such as profiles, photographs and chats.
"We estimate that as of April 2011, close to 100,000 applications were enabling this leakage," the blog said.
"Third parties, in particular advertisers, have accidentally had access to Facebook users' accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information," it said.
"Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties."
However, the company said that Facebook has patched the bug and the information of users is now safe.
"Fortunately, these third-parties may not have realised their ability to access this information. We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue."
Facebook has not commented on the matter so far.
Meanwhile, a survey by Consumer Reports has found that last year, the social networking site had 7.5 million underage users in the US alone, a violation of the site's policies which require users to be at least 13 years old.
The Consumer Reports "State of the Net" survey found that over five million of the users were under age 11, adding that more than 5 million US households were exposed to threats such as virus infections and identity theft. Facebook also has one million children who have been bullied on the site, Consumer Reports said.
0 comments:
Post a Comment