Today, Facebook announced a security bug that compromised the personal account information of six million users. In a blog post, the security team explained that some of the information the site uses to deliver friend recommendations was "inadvertently stored with people's contact information as part of their account on Facebook." When users downloaded an archive of their account via the DYI (download your information) tool, some were apparently given access to additional contact info for friends and even friends of friends. The post continues:
We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the d
