Facebook just published a data breach notification on its security blog.
You might not immediately notice that from the title of the article, which announces itself as an "Important Message from Facebook's White Hat Program."
The cloud (bad pun intended) is that Facebook's systems made the fault possible in the first place.
What Facebook seems to be admitting to, in Friday's breach notification message, is that it was careless with the aggregated data accumulated from contact list uploads.
The problem, says Facebook, lay in its Download Your Information (DYI) feature, which exists so you can suck down everything you've previously entrusted to the social networking giant.
DYI improves availability, because it allows you to make your own off-site backup of everything you've stored on Facebook. It improves transparency, because it acts as a record of everything you've uploaded to Facebook over the years.But there was a bug in DYI, of the data leakage/unauthorised disclosure sort.
Apparently, DYI was capable of letting you download more than you'd uploaded in the first place.