Facebook seems to have some serious security vulnerabilities that is yet to be patched. Today the Skull Security Team, has released a torrent file that consist of 100 million facebook users profile data.
A security researcher on Wednesday released a file containing the names, profile addresses and unique identification numbers of more than 100 million Facebook users.
The information was corralled via a public directory Facebook makes available that lists users who are sharing at least some of their profile information with everyone on the Internet. It was collected and uploaded by Ron Bowes, a security researcher with Skull Security.
Although the information in the file is freely available online through search engines and Facebook’s own directory, the organized list of names and identification numbers in it could make it easier for others to compile users’ e-mail addresses, location or other data they have made available. The 2.8-gigabyte BitTorrent file also includes the programming code that Mr. Bowes used to scan the directory list.
Facebook issued a statement via e-mail noting that the list of users’ names is not a threat to those who are comfortable sharing publicly:
Facebook has said in the past that a large portion of its users change some of their privacy settings on the Web site. Some users choose not to change their privacy settings and happily share personal images and content with the whole Web. But some fail to change their settings due to a lack of understanding of the available options.
Mr. Bowes said in a blog post that he decided to compile the list of user information and share it online to show that there is “a scary privacy issue” at play with the way people share their information with the rest of the Web through Facebook. It was not clear what his motives were for publicly sharing the the list online.
Facebook users who want to keep their information off of the wider Internet should go into the Facebook privacy settings tab and change the “Sharing on Facebook” options to “Friends only.” Those who want to keep their profiles from being found in search engines like Google should also click the “Edit your settings” link at lower left and change the setting for “Public Search.”