Private Facebook info accessible with a simple hack

Written by FBHiveD on . Posted in News, Privacy & Security


Update 1: Facebook have now fixed this exploit, and have also asked that we remove the pictures of proof below. We’re going to comply with their request, but expect a follow up story shortly on how we did it.

Update 2: Watch our video on just how we did it.

Facebook has long touted its privacy settings as highly customizable and secure, so you can be more open and comfortable about sharing information with just the people you choose. But when you want protection for your identity, does it really work? And how would you feel if that information was accessible to anyone, anywhere, even if your account was COMPLETELY hidden?

FBHive, for our premiere feature article, is first to break this story.

In June 2007, The Register reported that Facebook Search could be utilized to sniff out private information. This is similar to what we have achieved, only our process is much more simplified and specific. With a simple hack, everything listed in a person’s “Basic Information” section can be viewed, no matter what their privacy settings are. This information includes networks, sex, birthday, hometown, siblings, parents, relationship status, interested in, looking for, political views and religious views.

We have already reported this bug to Facebook on June 7th 2009, through multiple avenues, but it has received little attention. Hopefully this incites a little more action from them.

So I suppose you want proof, right? First up, Facebook Founder and CEO, Mark Zuckerberg:

I can hear you already: “All that information is public knowledge. Anyone could fake that.”
Okay, how about… Founder of Digg, co-host of Diggnation and all-round cool guy, Kevin Rose?

Still not enough? Okay, one more. Co-editor of Boing Boing and famous blogger, Cory Doctorow:

According to Wikipedia he’s been happily married since October 2008. His Facebook profile only says he’s engaged.

If you still don’t believe us, feel free to leave a link to your Facebook profile in the comments and we will gladly tell you a little bit about yourself that you thought only your friends could see. (Edit: Since TechCrunch has now confirmed our exploit as real, we will no longer be offering further proof for individuals.)

We are not malicious hackers by any means, and our skills are far from advanced. We here at FBHive are fans of Facebook, but when a security hole as big as this is discovered and brought to their attention, it shouldn’t take 15 days to fix.

We can confirm that as of June 22, this hack is still working. In the next few days, we will be posting a follow-up article that details how we did it.

Comments (49)

  • Bas Grasmayer

    Fix this, Facebook!

    Praying HR professionals / bosses won’t find out about this hack ;-)

  • Ray Reece

    I would like to see you do this to my facebook…

    I believe you can do it, I am just curious. =)

  • Jan Vrsinsky

    Can you get anything more than the info displayed in the article?

  • Osa Staff

    Not good! I too would be interested in knowing what other information can be seen on profiles by this hack. Thanks for letting us know about this!

  • Amiah Connel

    This profile of mine is a second one to which I don’t post any real pics of myself (for political safety reasons) there is a link to my regular personal one form pics only certain friends can see. So as you can imagine, I am quite concerned about this. Tell me what you can see and what I need to do to secure my privacy on FB.

  • FBHive

    @Phillip – Since Techcrunch has vouched we’re legit, we’re going to lay off the hack for the time being, sorry.

    @Jan @John – Anything listed in Basic Information. If you’ve set it: Networks, Sex, Birthday, Hometown, Siblings, Parents, Relationship Status, Religious Views, Home Neighborhood, Interested In, Looking For, Political Views and Religious Views.

    @Amiah – You can remove the information or wait for FB to fix the problem. The information above is the only details accessible. As far as we can tell, your photos, posted items, wall etc are all secure! (at least from this exploit)

  • Kevin O'Reilly

    You’ll get someone’s attention, for sure. :) Good job and good luck with your new blog.

  • Thomas Morton

    Facebook have a poor security history – and as you have found are unresponsive to any kind of “heads up”.

    I work for a security research firm and recently contacted them with a 4 page spread of exploits and bugs. No reply appeared! I’m always interested in new exploits – I suspect we have the one you mention (potentially it is one I made public several months back) but it’s always interesting to compare notes – drop me a line if you fancy.

  • Ryan Kitsune

    This has been fixed. Do you think you can tell us how you found it/how it worked?

  • Anupum Pant

    How can this information help? I don’t care about mine being leaked. My profile is open to all.

  • Pete Kistler

    Incredible to see such a simple Online Reputation Management hack pulled right over Facebook’s eyes. It further validates that you can never assume any online data is private. I am glad to see that Facebook was quick to fix the hole.
    - Pete Kistler (CEO, Brand-Yourself.com)

    Tips to manage your online reputation: http://blog.brand-yourself.com

  • Sonya Stead

    Hi, can you do me then? My name is Craig Hall. I have 1 friend on Facebook. I need the email as I forgot it, thanks.

  • Marie

    Wooowww, I wish I could do that to my bf’s Facebook, because he deleted his first one and then he made another account and he said he doesn’t have one, but I know he got a new one and I’m not sure I will like what he has on it.

  • patrick nich

    can you hack back my old acc : patrick nich

  • Jason D.

    So the security threats spewing from Facebook are more than real, downright dangerous for some people. SO happy Facebook is free and we don’t have our CC info posted. Well.. With all the info Smuckersburg has on us all I’m sure that’s the next thing the poor guy will ask for. God Help Us All. FBHive, thanks for the work and kudos to you guys!

  • Devilcode

    Hey people, what’s up? Don’t waste your time on such fool things… I’ll tell you the truth behind Facebook hacking: if hacking were easy like a piece of cake then everybody would like to eat it (LAUGH OUT LOUDLY). There are no such websites or blogs that teach you hacking. Hacking is a skill which is developed by hard practice, so TAKE A BREAK.

  • El.

    oooh I am really curious.. can I find out about my friend’s status if it is invisible for me on FB?

  • jovana

    I want my Facebook

  • CodeWomanSRQ

    There is a link when you click on certain gifts in Farmville, i.e. Rose Bouquet Valentine’s gift that you can see flash quickly in the bottom left-hand corner of your browser that says “profile-leak…”. static-0.farmville… is ok but profile-leak is not.

    The authors of this “Profile Leak” use what’s called DNS Cache Poisoning as described by Facebook: http://www.facebook.com/pages/DNS-cache-poisoning/106765356028239

    But what has Facebook done to correct the roles in their servers?

    Keep your add-ons in your browser software updated especially any adobe add-ons. Hackers seem to like to exploit Adobe lately so much that did you ever notice how they also download McAfee Anti-virus before you download the update for Adobe? That is why.

  • Afzy Khan

    Thanks, FBHive!!
    Good job..!!

  • gonza

    Can someone here teach me?
