Simple Facebook Flaw Put All Members at Risk of Identity Theft
June 23, 2009 by admin
Filed under Security News
89 views 6 Comments
IT security and control firm Sophos is again reminding internet users that their personal information may be being placed at risk – and is perhaps best kept off the internet – following news that popular social networking website Facebook contained a flaw that could have allowed hackers to access sensitive profile information about any of the site’s 200 million plus users.
Sophos notes that this data, which includes date of birth, home town, gender, family members, relationship status and political and religious views, could then have been used to commit ID fraud.
The creators of blog FBHive.com discovered a simple hack that would show everything listed in a Facebook member’s “Basic Information” panel, even if this information had been hidden by the user with the website’s security settings. Using the security hole, FBHive was able to access personal information about Facebook CEO Mark Zuckerberg, Digg Founder Kevin Rose, and famous blogger Cory Doctorow.
The vulnerability has now been fixed by Facebook, but it is unknown if hackers have been using information exposed by the security flaw for criminal ends.
“It’s great that Facebook has fixed this loophole, but disturbing that the vulnerability was there in the first place – as millions of Facebook users could potentially have been in danger of having information snatched which they believed to have been secured,” said Graham Cluley, senior technology consultant at Sophos. “Of course, this isn’t the first time that Facebook has found itself in the spotlight for not properly securing its users’ information. Just last month, a security loophole was found that could have allowed identity thieves and spammers to gather users’ personal email addresses. Maybe people need to learn that if they really want to be secure on social networks they shouldn’t rely on the website keeping their data safe and sound – maybe it’s better not to upload any personal information in the first place.”
Source : sophos
Related posts:
- Embarrassing privacy flaw found on Facebook
- Facebook flaw allowed websites to steal users’ personal data without consent
- Rogue Facebook apps can now access your home address and mobile phone number
- Details of 100 million Facebook users were *already* exposed on the net
- The Hacker Door Facebook security scare
identity theft is very common on the internet so be careful about phising sites:*.
identity is rampant both online and offline, always make sure that you don’t share unecessary info about yourself*,,
on the internet, identity theft is a very common scam so always protect your personal info ,`.
Indeed. That is why I’m very careful with what I am sharing on the internet. However, I think Facebook has already attended to that matter, right? The brand new privacy settings hides your info from public and unwanted prying eyes, if you know what i mean or I do hope that it does work.
Thanks for sharing this information! Have a nice day!
“The vulnerability has now been fixed by Facebook, but it is unknown if hackers have been using information exposed by the security flaw for criminal ends.”
Even if facebook have fixed this problem, there are still many hackers in the world that could make another step to the social networking site,anyway how long did it take before they knew they’re being hacked?
It is Great! Thank you.