• United States



by Senior Editor

Facebook security flaw makes private chats public

May 05, 20102 mins
Data and Information SecurityFacebookPrivacy

Facebook is dealing with the fallout of a security hole that gave users the ability to see what their friends were saying to others during private chats

Facebook said Wednesday a security flaw allowed many users to see the private chats of their friends.

The flaw was first reported on TechCrunch this morning, complete with a video demonstration of how the exploit works. Facebook disabled the chat feature on the site to deal with the situation. In a statement to press, Facebook officials said they were aware of the problem.

“For a limited period of time, a bug permitted some users’ chat messages and pending friend requests to be made visible to their friends by manipulating the “preview my profile” feature of Facebook privacy settings,” the statement read. “When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which is now complete. Chat will be turned back on across the site shortly. We worked quickly to resolve this matter, ensuring that once the bug was reported to us, a solution was quickly found and implemented.”

There was no word as to how many Facebook users were impacted by the flaw. Facebook has been the subject of criticism lately over security oversights, as well as changes that call privacy into question. CSO examined several of these issues in 10 security reasons to quit Facebook; also see Social Media Risks: The Basics.