Friendly Computers read that FBHive, which is a new blog devoted to facebook topics found a crack that could expose users’ general account information. If you use facebook you may want to read this even though the threat has been resolved.
Well, here's an innovative way to get some buzz: FBHive, a new blog devoted to the discussion of all things Facebook, has debuted with the revelation that its creators have discovered a hack that can expose some crucial profile data.
No, it won't expose your personal photos or wall posts. But, FBHive says, it can bring up all the "basic information" that you have entered into your profile, even if you've elected to keep that information private. This is the section that includes location, gender, relationship status, relationships (significant other, parents, siblings), political views, religious views, birthday, and hometown. That's enough to be a problem in the identity theft department, as it could easily expose frequent password hints like dates of birth and mothers' maiden names.
Security holes are nothing new to social networks: last year, Facebook plugged a leak that exposed members' protected photos via the Facebook mobile site, and another hole was discovered about a year ago that exposed members' birth dates.
Admirably, FBHive has not shared the details of the newly discovered hack; more disconcertingly, it said Facebook has done nothing since it alerted the social network to the issue earlier this month.
"We are not malicious hackers, by any means, and our skills are far from advanced," the post read. "We here at FBHive are fans of Facebook, but when a security hole as big as this is discovered and brought to (Facebook's) attention, it shouldn't take 15 days to fix."
A Facebook representative said the company is currently "looking into" the matter and will have more information soon.
UPDATE at 11:14 a.m. PT: "We have identified this bug and closed the loophole," an e-mailed statement from Facebook read. "We don't have any evidence to suggest that it was ever exploited for malicious purposes."
Source: http://news.cnet.com/8301-13577_3-10270002-36.html?tag=newsEditorsPicksArea.0
