A fault with Facebook’s data archive has led to the Personal details of about six million people being exposed accidentally.
Private email and telephone numbers were unintentionally shared with people who would not otherwise have had access to the information.
So far, there was no evidence the data exposed was being exploited for malicious ends, said Facebook.
It said it was “upset and embarrassed” by the bug, which was found by a programmer outside the company.
The data exposure came about because of the way that Facebook handled contact lists and address books uploaded to the social network,it said in a security advisory.
Typically, it said, it analysed the names and contact details on those lists so it could make friend recommendations and put people in touch with those they knew.
The bug meant some of the information Facebook generated during that checking process was stored alongside the uploaded contact lists and address books.
That meant, said Facebook, that when someone had downloaded their profile this extra data had travelled with it, letting people see contact details that had not been explicitly shared with them.