Facebook 'hack' puts public data into the public domain

100 million users details float on to Pirate Bay

TODO alt text

A white hat hacker has announced on his blog that he's taken advantage of Facebook's muddled privacy settings by putting 100 million people's details on BitTorrent site Pirate Bay.

While there have been various media reports that this was private data made public, this according to Facebook wasn't the case, more an aggregation of publicly available information that's free for all to view at the moment.

"People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want," noted Facebook's statement.

"In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook.

"No private data is available or has been compromised."

Data mined

The 'hacker' is security consultant Ron Bowles who took publicly available data – user IDs, names, URLs and other information – and created a 2.8GB file for all to download from Pirate Bay.

While this wasn't a breach of privacy, by collating a mountain of data that is freely available about members of Facebook Bowles has shown just how much information users do allow Google and the like to aggregate.

But the fact of the matter remains: If your details are in the file, then your privacy settings are, or were until recently, set to public.