Facebook is alerting its users about a security breach due to a technical glitch, that may have inadvertently exposed the email addresses and telephone numbers of roughly 6 million users.
"We recently received a report to our White Hat program regarding a bug that may have allowed some of a person’s contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them," Facebook said in its announcement.
The problem stemmed from a tool that allows users to upload their contact lists or address books to Facebook so that the social network can serve up friend recommendations or invite people to join Facebook.
"Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people's contact information as part of their account on Facebook,"
As a result, if a person went to download an archive of their Facebook account through or Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection.
After report, Facebook immediately disabled that DYI tool in order to fix the problem and then turned the DYI back on the next day, after addressing the issue.
Facebook said so far it has no evidence to believe the bug was exploited and has not received complaints from users.
The breach follows recent disclosures that several consumer Internet companies turned over troves of user data to a large-scale electronic surveillance program run by U.S. intelligence.