Users' pictures, including those of Facebook founder Mark Zuckerberg and socialite Paris Hilton, were exposed on the site, even though the photos were tagged as being visible only to the member and associated friends.
David Lavenda, vice president of marketing and product strategy at web security firm WorkLight, said: "Just imagine what would happen if a business-to-consumer document such as an employment contract were to leak in this way.
"The potential employee could see his or her personal details, including bank and National Insurance numbers, leaking out to third parties."
The incident highlights the importance of securing social networking sites when used in the enterprise to ensure that such lapses do not occur.
"Business access to web 2.0 sites like Facebook can produce compelling cost and working efficiencies, but businesses should be ready to implement appropriate security measures," said Lavenda.
Facebook blunder exposes photos despite private tag
By Clement James on Mar 28, 2008 6:49AM