The phone numbers and email addresses of nearly six million Facebook users were accidentally exposed as the result of a year-long data leak, officials from the social network confirmed on Friday.
Facebook officials blamed the release of the contact information, which started back in 2012, on a technical glitch in a system which allows individuals to upload contact lists or address books, Reuters and USA Today have reported.
As a result of the bug, Facebook users who downloaded contact information from the people on their friends list were provided with information they were not supposed to have access to. Security officials at the popular social media website were reportedly notified of the glitch last week and fixed it in less than 24 hours.
Facebook did not immediately notify users because company policy dictates regulators and affected users be notified privately before the company publicly announces any breaches or other security issues. However, they are confident the data has not been used maliciously and no additional information was made accessible.
“Although the practical impact of this bug is likely to be minimal since any email address or phone number that was shared was shared with people who already had some of that contact information anyway… it’s still something we’re upset and embarrassed by, and we’ll work doubly hard to make sure nothing like this happens again,” Facebook officials said in a statement. “Your trust is the most important asset we have, and we are committed to improving our safety procedures and keeping your information safe and secure.”
In an email sent to affected users (and reprinted by the folks at TechCrunch), the social network said the bug was “limited in scope and likely only allowed someone you know outside of Facebook to see your email address or phone number.” Readers who contacted the technology news website said between two and six pieces of contact information had been leaked, and that in all cases they were advised no more than one person had access to the data.
According to Alexis Kleinman of the Huffington Post, Facebook was alerted to the issue by a member of its “White Hat” program, which offers hackers a minimum reward of $500 for anyone who locates and reports glitches on the website. The actual amount of the reward is based on how severe and/or creative a reported bug happens to be.