Users in the United States were given access to the Facebook accounts of other people, reports the Associated Press.
“A Georgia mother and her two daughters logged onto Facebook from mobile phones last weekend and wound up in a startling place: strangers’ accounts with full access to troves of private information,” the story says.
The AP does not explain how the mix up happened, but the problem is not with Facebook, apparently. The glitch, “a routing problem,” occurred between the users’ phone and their Internet service provider, AT&T.
Security experts interviewed for the story said they had never heard of a case like this, where users were given access to the wrong account. It’s unknown whether such a mix up is rare, or just rarely reported. Experts agreed that the same flaw could happen with other applications, such as email or blogging services.
READ IT: Network Flaw Causes Scary Web Error
MORE: Ars Technica provides a not-too-technical explanation of what likely happened, including this pithy synopsis:
“So it looks like AT&T did something wrong—even though I wouldn’t call it a “routing” problem—and the company is in the process of fixing things. But Facebook also shares some blame for this situation. Apparently Facebook, like many other sites, doesn’t think the information tied to a user’s account is important enough to protect with something stronger than a clear text cookie.”