When I checked my inbox early today morning, among other emails, I had one email from Facebook with subject line “Facebook Important Message”. I thought it to yet another mail from Facebook informing me about some changes they have made to their privacy, or something on similar lines.
But when I opened it, the message got me worried – Here is the verbatim text of the message sent by Facebook
Your privacy is incredibly important to everyone who works at Facebook, and we’re dedicated to protecting your information. While many of us focus our full-time jobs on preventing or fixing issues before they affect anyone, we recently fell short of our goal and a technical bug caused your telephone number or email address to be accessible by another person.
The bug was limited in scope and likely only allowed someone you already know outside of Facebook to see your email address or telephone number. That said, we let you down and we are taking this error very seriously.
Describing what caused the bug can get pretty technical, but we want to explain how it happened. When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. Because of the bug, the email addresses and phone numbers used to make friend recommendations and reduce the number of invitations we send were inadvertently stored in their account on Facebook, along with their uploaded contacts. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, which included their uploaded contacts, they may have been provided with additional email addresses or telephone numbers.
Here is your contact Information (inadvertently accessible by at most 2 Facebook users):
We estimate that 2 Facebook users saw this additional contact info displayed next to your name in their downloaded copy of their account information. No other info about you was shown and it’s likely that anyone who saw this is not a stranger to you, even if you’re not friends on Facebook.
We recognize that mistakenly sharing contact info is unacceptable, even if you are acquainted with people who saw these details, and we’ve taken measures to prevent this from happening again. For more information on the bug, please read our blog post.
All of us at Facebook take this issue very personally. We appreciate your ongoing use of Facebook, and are working every day to deliver the level of service you expect and deserve.
The Facebook Team
Now, it is definitely a good thing that Facebook’s internal team was able to catch this bug and rectify it before it was exploited by hackers. However, the worry I have is, Facebook may not be telling entire truth. There are discrepancies between the mail they sent to users and the blogpost they have put up!
While the mail sent to me says “2 Facebook users saw this additional information”, the blog post that they put up says “an email address or telephone number was only exposed to one person”.
Also, few months back my Facebook account was hacked and most likely reason was the old yahoo email ID attached with it.
I just hope that Facebook is telling the truth and scope of this breach is limited to one or 2 people within my acquaintances, because if that is not the case, this might really be quite serious.
Did any of you get such an email from Facebook?