Graham Cluley, a senior technology consultant with Sophos Inc., has discovered a flaw in Facebook which could allow a hacker to view the date of birth of users regardless of whether their profiles are set to private. It appears that Facebook has plugged the flaw fairly quickly, but Cluley warns that it could return in the future.
While on the surface it doesn’t seem like a major breach, Cluley points out that a person’s date of birth is a valuable piece of information for identity thieves. Cluley says Facebook users should change their date of birth to avoid being targeted by phishers.
Cluley posted a YouTube video demonstrating the flaw.