Facebook's unreliable privacy settings

News that hackers have once again found their way into Facebook should serve as reminder to firms using external social networks as part of a business strategy that data is not necessarily secure behind a web site's login details.

Perhaps social suites available from enterprise vendors might be a safer bet.

FBHive, a recently launched site following Facebook, said yesterday it was able to hack into any person's "Basic Information" section, no matter what their privacy settings.

"We have already reported this bug to Facebook on June 7th 2009, through multiple avenues, but it has received little attention. Hopefully this incites a little more action from them," said the post.

The exploit involved fooling the "Edit Information" section of a user's profile to display another user's Basic Information by using the Tamper Data add-on for Firefox.

FBHive launched a video to show Facebook users how easy the hack was.

Although soon after FBHive published its report, the Facebook security team fixed the exploit, the news follows a revelation from a Burton Group analyst back in 2008 that an email add-on called Xobni, which plugs in to Microsoft Office and correlates Outlook contact data with external sources such as Facebook, also managed to override privacy protections.

Analyst Mike Gotta said that when an individual's social data is pulled from an external network site into another person's email account, they should be properly notified.

"I do believe that context of a relationship agreement made within one environment does not necessarily transfer to other environments without the parties being aware and in some cases, consenting to that information being revealed in those other contexts," Gotta had said in his blog.

"What really surprised me though was that I now had access to people's information via Xonbi's Facebook Connect application that I could not access normally on Facebook," he added.