(The Hosting News) – Symantec, the online security firm, has found that around 100,000 Facebook applications have been sharing users’ access information, thus opening up the possibility other advertisers could have accessed user information.
The problem has to do with applications gaining access to users’ access tokens, usually taken when users install the Facebook apps. The tokens were usually taken with users’ consent with the intent of helping the applications function appropriately.
However, having such access to the tokens could enable some applications and advertisers to access Facebook user information, profiles, photos, and wall posts.
In their report on the matter, Symantec stated, “We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties”.
Responding to the matter, Facebook posted on its blog yesterday, “We have been working with Symantec to identity issues in our authentication flow to ensure that they are more secure.
You can view the entire blog post by Facebook here: http://developers.facebook.com/blog/post/497
You can view Symantec’s report here: http://www.symantec.com/connect/blogs/facebook-applications-accidentally-leaking-access-third-parties