Skip Links

Facebook security flaw makes private chats public

By Joan Goodchild, CSO
May 05, 2010 03:23 PM ET

CSO - Facebook said Wednesday a security flaw allowed many users to see the private chats of their friends.

The flaw was first reported on TechCrunch this morning, complete with a video demonstration of how the exploit works. Facebook disabled the chat feature on the site to deal with the situation. In a statement to press, Facebook officials said they were aware of the problem.

"For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the "preview my profile" feature of Facebook privacy settings," the statement read. "When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which is now complete. Chat will be turned back on across the site shortly. We worked quickly to resolve this matter, ensuring that once the bug was reported to us, a solution was quickly found and implemented."

There was no word as to how many Facebook users were impacted by the flaw. Facebook has been the subject of criticism lately over security oversights, as well as changes that call privacy into question. CSO examined several of these issues in 10 security reasons to quit Facebook; also see Social Media Risks: The Basics.

Read more about data protection in CSOonline's Data Protection section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News