Remember last week, when Naked Security et al. told you that
Facebook leaked email addresses and phone numbers for 6 million users, but that it was really kind of a modest leak, given that it's a billion-user service?
OK, scratch the "modest" part.
The
researchers who originally found out that Facebook is actually
creating secret dossiers for users are now saying the numbers don't quite match up.
The number of affected users Facebook noted in
a posting on its security blog is far less than what they themselves found, and Facebook is also "hoarding non-user contact information - seen when it was also shared and exposed in the leak,"
writes ZDNet's Violet Blue.
The bug involved the exposure of contact details when using the Download Your Information (DYI) tool to access data history records, which resulted in access to an address book with contacts users hadn't provided to Facebook
