Ken O'Driscoll via mailop wrote:
On Sat, 2018-01-20 at 11:14 +1100, Michelle Sullivan wrote:
One can only conclude, they either have a leak in their API, or they
altered the permissions to give out emails when specifically denied, or
they got hacked and didn't disclose it.
They had bug for over a year between ~2012-2013 where contact details
(including email) were unintentionally exposed.
More info:
https://www.reuters.com/article/net-us-facebook-security/facebook-admits-year-long-data-breach-exposed-6-million-users-idUSBRE95K18Y20130621
So, you could have been part of that.
Possibly.
In any event, I'd let their security team know what happened.
You could also check (if you haven't already) haveibeenpwned.com to see if
the address pops up in any breach.
Yeah I don't do that in case the lookups are compromised... :)
--
Michelle Sullivan
http://www.mhix.org/
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
