Friday, June 14th, Facebook announced the fix of a bug it said unknowingly revealed the private data of over six million users when Facebook’s previously nameless shadow profiles unintentionally merged with user accounts in data history record requests.
According to Reuters, the data leak spanned a year beginning in 2012.
The personal data leaked by the bug is data that hadn’t been granted to Facebook by the users – it’s information Facebook has been compiling on its users behind their backs.
Users were obviously unaware that offsite information about them was being accumulated, matched to them, and stored by Facebook.
Looking at comments on Facebook’s blog, Facebook users are furious that the phone numbers and email addresses that are considered private information have been accumulated and saved (and now unintentionally shared) by Facebook.
One user commented, “I just downloaded the “extended backup” and I’m still viewing emails and phone numbers that are NOT PUBLIC!!!!”
Facebook has officially stated that it does not know of any malicious use utilizing the bug.
This seems to be the first time Facebook has publicly accepted that users’ shadow profiles comprise of more than native data and also contain information that Facebook has harvested.