Facebook fixed a "shadow profile" leak, but don't quite say what leaked
June 23, 2013 2:33 PM Subscribe
posted by filthy light thief (27 comments total)
17 users marked this as a favorite
Going back to at least 2011
, it was believed that Facebook kept "shadow profiles" of users and non-users, accumulating information when users synchronize mobile phones, import personal data from e-mail providers, import personal information from instant messaging services, send invitations to friends or make search queries for other people on Facebook
. In early 2012, four members of the U.S. House of Representatives Energy and Commerce Committee's Subcommittee on Oversight and Investigations demanded answers from Facebook
(PDF) and were told that non-users didn't have "shadow profiles"
, but the contents of the reply were not made public. Just this past Friday, Facebook released an "Important Message" on a data leak they closed
, in which information from members' "shadow profiles" could be obtained.Hacker News users dug in to find out what was was meant but not written
From Packet Storm Security
: "To sum things up, an information leak in Facebook has highlighted the dangers of hoarding user data. Facebook reacted to the incident in a responsible manner in order to fix the leak. What is not fixed, is their policy."