Though the social networking site has caught plenty of flack for decisions it’s made about sharing user data, it appears the latest concern over Facebook privacy was caused by an accidental programming bug.
In a post on Symantec’s corporate blog, the security firm reported that certain Facebook applications may have inadvertently been giving advertisers access to users’ account information.
An estimated 100,000 applications may have been granting third-party companies this access for years, according to Symantec. However, it’s not clear whether any advertisers realized this. Symantec reports it has notified Facebook and the bug has been fixed.
Some of the access tokens that were handed out may still be valid, though, so Symantec recommends concerned users change their passwords.