The Wall Street Journal has published an article detailing a new security breach with Facebook and its applications. WSJ claims that some of the most popular applications on Facebook have been transmitting user identification data, something they are claiming affects everyone regardless of privacy settings. The investigation from the WSJ has found that names and in some cases Facebook user id’s were passed along to third-party companies; specifically internet tracking groups and advertisers.
Some of the Apps in question are the sites most popular applications – Zynga’s Farmville, Frontierville, and Texas Hold Em Poker. These three Top 10 apps were also mentioned in the investigation as transmitting information about a user’s friends.
“The apps reviewed by the Journal were sending Facebook ID numbers to at least 25 advertising and data firms, several of which build profiles of Internet users by tracking their online activities.
Defenders of online tracking argue that this kind of surveillance is benign because it is conducted anonymously. In this case, however, the Journal found that one data-gathering firm, RapLeaf Inc., had linked Facebook user ID information obtained from apps to its own database of Internet users, which it sells. RapLeaf also transmitted the Facebook IDs it obtained to a dozen other firms, the Journal found.” – The Wall Street Journal
Facebook has responded on their blog that the breach was a technical mistake that “inadvertently” allowed third parties to pass along UID information. HOwever, Facebook’s Mike Vernal reports that the implications of sharing a UID have been “exaggerated”, and that access to a UID does not automatically give someone direct access to a users private information or profile.
For more information on safe web browsing check out the SecurePurdue webpage.