Developers sold Facebook user data
Facebook said in a posting on the developer blog last Friday that various programmers developing applications for the Facebook social network had apparently collected user IDs and sold them to a data broker. The questionable practice was discovered when examining the circumstances surrounding a hole which caused privacy issues due to inadvertent UID transfers.
When examining the circumstances of inadvertent UID transfers, Facebook says it discovered some instances where a data broker was paying developers for UIDs. According to Facebook, the "fewer than a dozen" conspicuous developers have been banned from accessing Facebook's communication channels for six months. Facebook also plans to subsequently audit these developers' data practices.
Facebook emphasised that no private user data was sold and that the transfer of the UIDs did not give access to any private data. However, the UIDs can be used to determine user names and collect public information from the affected users' pages for profile building. Facebook also said that data broker RapLeaf has agreed to delete any user IDs in its possession and to stay away from the Facebook platform in future.