Facebook Inc. admitted a security breach due to a technical glitch exposed the phone numbers and email addresses of 6 million users of the website to unauthorized parties during the past year, the company announced June 21.
The world's largest social networking website received word of the technical problem last week and it was apparently fixed within 24 hours. However, Facebook Inc. did not admit to the breach until late Friday with a written statement on the Facebook blog.
A spokesperson for the company said that the delay in admitting the unintentional exposure of users' private information was due to the company's obligation to first inform users who were affected before making a public announcement.
The company blamed the security breach, which began in 2012, on a bug in its massive archive of contact information collected from its 1.1 billion users worldwide," Reuters reported.
Users of Facebook who downloaded the contact information for their friends were also able to access additional user information that the company intended to keep private.
Information that Facebook utilized to suggest friends to users was inadvertently stored in with people's contact information as part of their Facebook accounts, NBC reported.
This announcement comes after a recent announcement that several Internet companies, including Facebook, Google, Apple Inc. and Yahoo Inc., released user information to a major electronic surveillance program run by U.S. intelligence.
Last week, the U.S. government agreed to disclose to the companies an estimate of the number of user information requests each company received. A rough total of the requests the government agreed to provide was to include secret national security orders.
Below is an excerpt of the statement from Facebook's blog:
"We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included."