The roll-out of a new Facebook
profile design has been marred by a security slip-up, says security
firm Sophos.
Sophos has warned computer users that Facebook has accidentally
publicly revealed personal information about its members, which
could be useful to identity thieves.
Earlier this week, the full dates of birth of many of Facebook's
80m active users were visible to others, even if the individual
member had requested that the information remained
confidential.
Graham Cluley, senior technology consultant at Sophos, said a
security slip-up by the website during the process of a public beta
test of its new design for members' profiles, left birth date
information exposed.
"I was shocked to see peoples' full date of birth revealed, even
though I knew they had their privacy set up correctly to supposedly
hide the information," said Cluley.
"It's essential that users of social networks should have
confidence that their privacy will be protected, and it's
especially important with information like your date of birth,
which can be a golden nugget for a committed identity thief."
Cluley says he informed Facebook as soon as he discovered the
flaw, which now appears to have been fixed.
He said, "It's good that Facebook fixed the problem, but can
people feel confident that this kind of mistake won't happen again
in the future?"
"My advice to Facebook users would be, even if your date of
birth is set to be non-visible, change it to a made-up date in case
this kind of blunder happens again."
More
on the Facebook security hole.
Facebook users would switch bank for web 2.0 banking services
>>
Facebook in hot water with UK information commissioner
>>