Recently the Canadian government garnered a privacy win against Facebook for their practices. To their credit they stepped up rather than whine. Good.
However.
It would appear that the good folks at Facebook have a wee bit of a problem with respects to data leakage again. Thanks for the numerous tips from folks on Twitter. This time, one of Facebook’s servers seems to be misconfigured and as a result exposing information of people. A simple google dork revealed over 16,900 user pages and their notes on Facebook.
Screen cap of a user:
Screen cap of a user:
Screen cap of a user:
No word at this point as to whether or not Facebook is working to fix the problem. Although I’m sure hope they are.
[tags]Facebook Data Leak, Facebook Privacy[/tags]
As far as I can tell, this is normal if the notes are public.
It’s not related to this specific server,
you can see the same records at
http://www.facebook.com/notes.php?id=1242588970
This wasn’t the view of at least one of the people affected. It may in fact be the case but, I could not find anything to support the “normal” aspect.
Thanks for the comment.
It’s possible Facebook could be allowing some Notes posted regardless of privacy settings, this has happened with other settings in the past. Regardless, the lesson here is that there are specific privacy setting for Notes that everyone should double-check in Privacy -> Notes. My suggestions are to set the following: “Who can see your notes” = Only Friends, “Comments” = Only Friends can comment, “Syndication” = No one can subscribe. The problem with notes is that many of these are “25 random things about you” and similar notes people fill out…can anyone say “password reset questions?” 🙂