Facebook Security Flaw Allowed Access To User Accounts
MOUNTAIN VIEW (CBS/AP) — Security firm Symantec said it has discovered a security flaw in Facebook that inadvertently gives advertisers and other outside parties access to people’s accounts.
Palo Alto-based Facebook said it has fixed the problem and found no evidence that any private information was shared with any outside party.
Symantec said Tuesday that the outside parties may not have realized that they were able to access users’ profiles, photos and chats. The security firm estimates that some 100,000 applications were enabling the data leak.
Mountain View-based Symantec said the problem was leaking “access tokens”—akin to spare keys. They let apps access your profile if you gave them permission.
(Copyright 2011 by CBS San Francisco. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. Wire services may have contributed to this report.)