Facebook, MySpace caught releasing user data

— Brett Michael Dykes is a national affairs writer for Yahoo! News.

Fri May 21, 5:47 pm ET

In a seemingly never-ending string of damaging disclosures about its users’ privacy concerns, Facebook has reportedly been releasing user data to ad companies that hadn’t even asked for the info.

Facebook isn’t alone this time: rival social-media site MySpace has also been called out in Friday’s Wall Street Journal report by Emily Steel and Jessica E. Vascellaro — together with the content-sharing sites Livejournal and Digg.

The report says that the companies have delivered user data to major online advertising companies such as Google’s DoubleClick and Yahoo!’s Right Media, despite explicit pledges to protect such information. The released material includes user names and ID numbers, together with data that could be used to accumulate a host of additional information on individual users, such as where they live, their names, occupations, incomes and places of employment.

Read more at Yahoo! News.

Facebook fixes bug that allowed friend deletion

By Robert McMillan  –  May 21, 2010 08:21 PM ET

IDG News Service – Facebook has fixed a flaw that let hackers delete Facebook friends without permission.

The flaw was reported Wednesday by Steven Abbagnaro, a student at Marist College in Poughkeepsie, New York. It was patched Friday afternoon, Pacific time, after the IDG News Service notified Facebook of the issue.

The bug was a variation of an earlier vulnerability that Facebook learned about last week, which affected a range of features on the Web site. Hackers could have leveraged Abbagnaro’s bug to delete all of a victim’s contacts, one by one, but it does not appear that anyone ever exploited it in a malicious way.

For Abbagnaro’s attack to work, however, a user would have to have been tricked into clicking on a malicious Web link while still logged into Facebook.

For more  visit Robert McMillan at Computerworld.com