Facebook is known for security issues from the beginning, now it has been confirmed by the officials that a security bug affects 6 million facebook accounts. This security bug exposed  Personal Account Information, Emails and phone numbers. The Facebook security team posted a message describing the situation.

Snippet from the message from facebook security team:

We’ve concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool.

The bug has been live since last year, and it was discovered a few days ago. The message tells they’ve no evidence  that this bug has been exploited maliciously also no financial details are not exposed. The personal details was downloaded using a tool available for users called Download Your Information (DYI) tool. After finding the bug, the facebook team immediately disabled the DYI to fix the problem and they turned back on after fixing it.