Skip to main content

Facebook New Year's App Exposes Users Private Messages

Last week, in preparation for New Year's Eve, social network Facebook launched a new feature that enabled users to send scheduled messages to their friends at the stroke of midnight on January 1. Unfortunately, it seems the new application wasn't quite as air tight as Facebook thought as British IT student Jack Jenkins discovered a pretty serious flaw with the system on New Year's Eve.

According to Jenkins' personal blog, he was able to see messages other Facebook users were sending via the service just by manipulating the ID in the URL. While you'll most likely see messages of people you don't know, the fact that your personal messages may be seen by a complete stranger is likely to make folks uneasy, especially if the messages they sent went beyond the usual New Year's salutations. What's more, Jenkins was able to successfully delete messages that had been sent by other users, which means some folks may have sent scheduled messages that never arrived.

Facebook took the service down once the flaw was made public and, with New Year's over and done with, the service is gone for good. However, Facebook did manage to get it fixed and back up in time for people to send messages, according to the Verge.

Contact Us for News Tips, Corrections and Feedback

  • Onus
    Anything posted online, anywhere, regardless of any alleged "privacy policy," should be considered public. Period.
  • hector2
    Well, isn't that a surprise -- not
  • de5_Roy
    facebook's 'happy "privacy-free" new year' is right on cue.
    prediction: since they started the year with a leak, expect more leaks this year.