Facebook has started sending out warning emails to users whose personal information has been compromised by the security bug it confirmed yesterday, confirming which pieces of data were exposed. The bug exposed some six million Facebook users’ email addresses and telephone numbers to other site users because Facebook had “inadvertently stored [it] in association with people’s contact information as part of their account on Facebook”.
Facebook says it uses this data so it can generate friend request recommendations.
The notification email — we’re embedding a copy of an email sent to one Facebook user below — echoes what Facebook’s security team said in a blog post about the data breach yesterday. It explains the scope of the bug and goes into the same level of technical detail as to how it happened. It also confirms which specific piece (or pieces) of personal data were exposed for that particular user.
In the below email, two pieces of data have been compromised (a phone number and an email address). In another sample letter sent to TechCrunch by a tipster the user has had six pieces of data compromised (one phone number and five email addresses). That user, Jeisson Neira, who works for IT company IQTHINK, said the breach is unlikely to make him change his behaviour towards Facebook — but only because he already takes care with the data he posts to the site.