Massive Facebook fraud scare as website accidentally publishes dates
of birth of millions of users

Facebook was at the centre of a massive ID fraud scare yesterday after
it accidentally published confidential information about its users.

In a huge breach of privacy, the social networking site disclosed the
dates of birth of many of its 80 million active users - even if they
had asked for the information to be kept secret. Although the details
have now been removed, there are concerns that internet fraudsters
could use the information to commit identity theft.

Facebook is one of the fastest growing and most popular services on
the internet.

It allows people to create home pages devoted to themselves, and then
swap pictures, news, trivia and gossip with a circle of friends,
family or acquaintances. Owners of a Facebook page can limit who has
access to personal details such as dates of births, phone numbers,
addresses and photographs. However, a test website of a new version of
Facebook made available to the public this week included confidential
details that should have been kept private.

The blunder was spotted by the computer security firm Sophos on Monday
evening.

'I was shocked to see people's full date of birth revealed, even
though I knew they had their privacy set up correctly to supposedly
hide the information,' said Sophos' Graham Cluley who discovered the
security slip. 'It's essential that users of social networks should
have confidence that their privacy will be protected - and it's
especially important with information like your date of birth, which
can be a golden nugget for a committed identity thief.'

Mr Cluley informed Facebook as soon as he discovered the flaw, which
now appears to have been fixed. 'It's good that Facebook fixed the
problem - but can people feel confident that this kind of mistake
won't happen again in future?' he said. 'My advice to Facebook users
would be, even if your date of birth is set to be non-visible, change
it to a made-up date in case this kind of blunder happens again.
'Facebook and other social networking websites need to be more careful
about protecting their members' data, or risk losing users.'

Security experts have repeatedly warned that Facebook and other
networking sites like MySpace and Bebo expose people to identity
fraud.

Many of the user profile pages contain personal information such as
pet names, children's names, favourite sports teams and work details
that could be used to guess passwords. Others carry dates of birth,
phone numbers and addresses. One Facebook user even publicised his
mother's maiden name on his site - information that is often used by
banks to confirm identity over the phone.

Last year, Sophos published results of a identity theft probe into
Facebook which uncovered that 41 per cent of users would divulge
personal information - such as email address, date of birth and phone
number - to a complete stranger. People who publish personal
photographs and potentially embarrassing information on Facebook are
also in danger of ruining their future career opportunities. Around
one in five companies admits to routinely trawling Facebook to learn
more about job candidates. A senior tutor at Cambridge University has
also admitted to using Facebook to check up on potential students.


http://tinyurl.com/6k7wgy

Ed wrote:
> 
> Massive Facebook fraud scare as website accidentally publishes dates
> of birth of millions of users
> 
> Facebook was at the centre of a massive ID fraud scare yesterday after
> it accidentally published confidential information about its users.
> 
> In a huge breach of privacy, the social networking site disclosed the
> dates of birth of many of its 80 million active users - even if they
> had asked for the information to be kept secret. Although the details
> have now been removed, there are concerns that internet fraudsters
> could use the information to commit identity theft.
> 
> Facebook is one of the fastest growing and most popular services on
> the internet.
> 
> It allows people to create home pages devoted to themselves, and then
> swap pictures, news, trivia and gossip with a circle of friends,
> family or acquaintances. Owners of a Facebook page can limit who has
> access to personal details such as dates of births, phone numbers,
> addresses and photographs. However, a test website of a new version of
> Facebook made available to the public this week included confidential
> details that should have been kept private.
> 
> The blunder was spotted by the computer security firm Sophos on Monday
> evening.
> 
> 'I was shocked to see people's full date of birth revealed, even
> though I knew they had their privacy set up correctly to supposedly
> hide the information,' said Sophos' Graham Cluley who discovered the
> security slip. 'It's essential that users of social networks should
> have confidence that their privacy will be protected - and it's
> especially important with information like your date of birth, which
> can be a golden nugget for a committed identity thief.'
> 
> Mr Cluley informed Facebook as soon as he discovered the flaw, which
> now appears to have been fixed. 'It's good that Facebook fixed the
> problem - but can people feel confident that this kind of mistake
> won't happen again in future?' he said. 'My advice to Facebook users
> would be, even if your date of birth is set to be non-visible, change
> it to a made-up date in case this kind of blunder happens again.
> 'Facebook and other social networking websites need to be more careful
> about protecting their members' data, or risk losing users.'
> 
> Security experts have repeatedly warned that Facebook and other
> networking sites like MySpace and Bebo expose people to identity
> fraud.
> 
> Many of the user profile pages contain personal information such as
> pet names, children's names, favourite sports teams and work details
> that could be used to guess passwords. Others carry dates of birth,
> phone numbers and addresses. One Facebook user even publicised his
> mother's maiden name on his site - information that is often used by
> banks to confirm identity over the phone.
> 
> Last year, Sophos published results of a identity theft probe into
> Facebook which uncovered that 41 per cent of users would divulge
> personal information - such as email address, date of birth and phone
> number - to a complete stranger. People who publish personal
> photographs and potentially embarrassing information on Facebook are
> also in danger of ruining their future career opportunities. Around
> one in five companies admits to routinely trawling Facebook to learn
> more about job candidates. A senior tutor at Cambridge University has
> also admitted to using Facebook to check up on potential students.
> 
> 
> http://tinyurl.com/6k7wgy

Does anyone but kids and students do face book?

On Thu, 17 Jul 2008 14:19:49 +0100, Sofa - Spud 
wrote:

>Ed wrote:
>> 
>> Massive Facebook fraud scare as website accidentally publishes dates
>> of birth of millions of users
>> 
>> Facebook was at the centre of a massive ID fraud scare yesterday after
>> it accidentally published confidential information about its users.
>> 
>> In a huge breach of privacy, the social networking site disclosed the
>> dates of birth of many of its 80 million active users - even if they
>> had asked for the information to be kept secret. Although the details
>> have now been removed, there are concerns that internet fraudsters
>> could use the information to commit identity theft.
>> 
>> Facebook is one of the fastest growing and most popular services on
>> the internet.
>> 
>> It allows people to create home pages devoted to themselves, and then
>> swap pictures, news, trivia and gossip with a circle of friends,
>> family or acquaintances. Owners of a Facebook page can limit who has
>> access to personal details such as dates of births, phone numbers,
>> addresses and photographs. However, a test website of a new version of
>> Facebook made available to the public this week included confidential
>> details that should have been kept private.
>> 
>> The blunder was spotted by the computer security firm Sophos on Monday
>> evening.
>> 
>> 'I was shocked to see people's full date of birth revealed, even
>> though I knew they had their privacy set up correctly to supposedly
>> hide the information,' said Sophos' Graham Cluley who discovered the
>> security slip. 'It's essential that users of social networks should
>> have confidence that their privacy will be protected - and it's
>> especially important with information like your date of birth, which
>> can be a golden nugget for a committed identity thief.'
>> 
>> Mr Cluley informed Facebook as soon as he discovered the flaw, which
>> now appears to have been fixed. 'It's good that Facebook fixed the
>> problem - but can people feel confident that this kind of mistake
>> won't happen again in future?' he said. 'My advice to Facebook users
>> would be, even if your date of birth is set to be non-visible, change
>> it to a made-up date in case this kind of blunder happens again.
>> 'Facebook and other social networking websites need to be more careful
>> about protecting their members' data, or risk losing users.'
>> 
>> Security experts have repeatedly warned that Facebook and other
>> networking sites like MySpace and Bebo expose people to identity
>> fraud.
>> 
>> Many of the user profile pages contain personal information such as
>> pet names, children's names, favourite sports teams and work details
>> that could be used to guess passwords. Others carry dates of birth,
>> phone numbers and addresses. One Facebook user even publicised his
>> mother's maiden name on his site - information that is often used by
>> banks to confirm identity over the phone.
>> 
>> Last year, Sophos published results of a identity theft probe into
>> Facebook which uncovered that 41 per cent of users would divulge
>> personal information - such as email address, date of birth and phone
>> number - to a complete stranger. People who publish personal
>> photographs and potentially embarrassing information on Facebook are
>> also in danger of ruining their future career opportunities. Around
>> one in five companies admits to routinely trawling Facebook to learn
>> more about job candidates. A senior tutor at Cambridge University has
>> also admitted to using Facebook to check up on potential students.
>> 
>> 
>> http://tinyurl.com/6k7wgy
>
>Does anyone but kids and students do face book?

Post graduates?
-- 

Martin

On Thu, 17 Jul 2008 02:21:31 -0700 (PDT), Ed
 wrote:

>Massive Facebook fraud scare as website accidentally publishes dates
>of birth of millions of users

Yeah, because that's the key to ID fraud.  Once a potential fraudster
knows your birthday, you're fucked.  You may as well just write them a
cheque to the value of your bank balance there and then.

>> Does anyone but kids and students do face book?
> 
> Post graduates?

I do. Its a useful way to keep in touch with people as groups. It 
doesn't have to be about silly applications.

This scar is pretty tame anyway. Nobody with any sense puts their real 
date of birth down on Facebook.

Simon

On Thu, 17 Jul 2008 17:44:13 +0100, middlelight@googlemail.com wrote:

>On Thu, 17 Jul 2008 02:21:31 -0700 (PDT), Ed
> wrote:
>
>>Massive Facebook fraud scare as website accidentally publishes dates
>>of birth of millions of users
>
>Yeah, because that's the key to ID fraud.  Once a potential fraudster
>knows your birthday, you're fucked.  You may as well just write them a
>cheque to the value of your bank balance there and then.

Just send unmarked notes.
-- 

Martin

On Thu, 17 Jul 2008 17:44:13 +0100, middlelight@googlemail.com wrote:

>On Thu, 17 Jul 2008 02:21:31 -0700 (PDT), Ed
> wrote:
>
>>Massive Facebook fraud scare as website accidentally publishes dates
>>of birth of millions of users
>
>Yeah, because that's the key to ID fraud.  Once a potential fraudster
>knows your birthday, you're fucked.  You may as well just write them a
>cheque to the value of your bank balance there and then.

Anybody who puts lots of private details on to a website 'deserves' to
be fucked. I mean obviously, crime is bad and nobody deserves to be a
victim of it, but nobody would hand that info to a total stranger in
'real life' but they'll happily give it to any old website.

A few years ago some guy at AOL sold over 90 million AOL addresses to
spammers, so even if FB (or any other social network site) _did_ keep
it private, why assume people working at FB can be trusted?

"Ed"  wrote in message 
news:02c83db0-9dc5-4cfb-8728-763615d7352a@i76g2000hsf.googlegroups.com...
>
>

>
> Last year, Sophos published results of a identity theft probe into
> Facebook which uncovered that 41 per cent of users would divulge
> personal information - such as email address, date of birth and phone
> number - to a complete stranger. People who publish personal
> photographs and potentially embarrassing information on Facebook are
> also in danger of ruining their future career opportunities. Around
> one in five companies admits to routinely trawling Facebook to learn
> more about job candidates. A senior tutor at Cambridge University has
> also admitted to using Facebook to check up on potential students.

I'm not convinced that any employer ever finds anything on Facebook
that would *seriously* prejudice them against any job candidate.
I mean, what's the worst thing they are likely to find on there?
Stupid, drunken photographs no doubt, perhaps involving the
'liberation' of a traffic cone from some road works.
Hardly the kind of behaviour that makes one unsuitable for a job
and indeed very likely to be the kind of behaviour said employer
indulged in 20 years before, the only difference being there is no
online evidence to prove it.
-- 
Col

Steal a spaceship and head for the sun,
Shoot the stars with a lemonade ray gun.

"Froot Bat"  wrote in message 
news:487f7844$0$13893$8a667849@news.ak47.org...
> On Thu, 17 Jul 2008 17:44:13 +0100, middlelight@googlemail.com wrote:
>
>>On Thu, 17 Jul 2008 02:21:31 -0700 (PDT), Ed
>> wrote:
>>
>>>Massive Facebook fraud scare as website accidentally publishes dates
>>>of birth of millions of users
>>
>>Yeah, because that's the key to ID fraud.  Once a potential fraudster
>>knows your birthday, you're fucked.  You may as well just write them a
>>cheque to the value of your bank balance there and then.
>
> Anybody who puts lots of private details on to a website 'deserves' to
> be fucked. I mean obviously, crime is bad and nobody deserves to be a
> victim of it, but nobody would hand that info to a total stranger in
> 'real life' but they'll happily give it to any old website.
>
> A few years ago some guy at AOL sold over 90 million AOL addresses to
> spammers, so even if FB (or any other social network site) _did_ keep
> it private, why assume people working at FB can be trusted?

And it's free to use isn't it, so what's in it for them?

On Thu, 17 Jul 2008 17:49:55 +0100, Simon  wrote:

>>> Does anyone but kids and students do face book?
>> 
>> Post graduates?
>
>I do. Its a useful way to keep in touch with people as groups. It 
>doesn't have to be about silly applications.
>
>This scar is pretty tame anyway. Nobody with any sense puts their real 
>date of birth down on Facebook.

Judging from what I have seen some put everything down.
-- 

Martin

On Thu, 17 Jul 2008 18:11:17 GMT, "BoredOfThem"  wrote:

>"Froot Bat"  wrote in message 
>news:487f7844$0$13893$8a667849@news.ak47.org...
>> On Thu, 17 Jul 2008 17:44:13 +0100, middlelight@googlemail.com wrote:
>>
>>>On Thu, 17 Jul 2008 02:21:31 -0700 (PDT), Ed
>>> wrote:
>>>
>>>>Massive Facebook fraud scare as website accidentally publishes dates
>>>>of birth of millions of users
>>>
>>>Yeah, because that's the key to ID fraud.  Once a potential fraudster
>>>knows your birthday, you're fucked.  You may as well just write them a
>>>cheque to the value of your bank balance there and then.
>>
>> Anybody who puts lots of private details on to a website 'deserves' to
>> be fucked. I mean obviously, crime is bad and nobody deserves to be a
>> victim of it, but nobody would hand that info to a total stranger in
>> 'real life' but they'll happily give it to any old website.
>>
>> A few years ago some guy at AOL sold over 90 million AOL addresses to
>> spammers, so even if FB (or any other social network site) _did_ keep
>> it private, why assume people working at FB can be trusted?
>
>And it's free to use isn't it, so what's in it for them?

Yep, like every free to use site it's about data mining and spamming
you senseless with advertising. Not necessarily, but including, by
email. And/or ultimately selling your info on to others.

It's like the Viacom/Youtube thing. People complained when Viacom got
all that info, but nobody seemed to worry about the fact that Google
already had it.