Third party Facebook developers are getting access to much more than your basic information.
According to a post on Facebook's developer blog, people designing for the platform can now access your contact information including your current address and mobile phone number.
Security company Sophos says the move could "herald a new level of danger for Facebook users."
While Facebook users must grant each individual application access to their contact information via Facebook's standard "Request for Permission" dialogs, Sophos notes that "there are just too many attacks happening on a daily basis which trick users into doing precisely this."
Facebook users are sometimes so eager to access features in an app they click the "Allow [app to access my information]" button without reading the fine print. If they did, they might notice the application developer is getting access to their sensitive personal details.
"Now, shady app developers will find it easier than ever before to gather even more personal information from users," says Sophos, adding that, "[y]ou can imagine, for instance, that bad guys could set up a rogue app that collects mobile phone numbers and then uses that information for the purposes of SMS spamming or sells on the data to cold-calling companies."
The easiest way to stop rogue Facebook apps accessing your sensitive details is to make sure your home address and mobile number have been removed from your Facebook profile.
You should also take great care when granting applications access to your profile information.
Twitter users are cheekily suggesting people change their phone number to 650-543-480: Facebook's Customer Service phone number.
Facebook users were generally appalled by the news. The comments sections on blogs reporting on the changes were filled with posts like those included below:
"My theory: unless you take extreme measures to protect your privacy on Facebook, someday you will deeply regret joining," says "ministerial."
"You can't blame Facebook for allowing access to the information you provided them in the first place. Does Facebook have my address? no," commented "axertion."
"I don't like this due to the fact its so easy to mis-interpret what the popup alert is saying to you regarding sharing information. There are so many people who use this service who are not total techies and have no idea how to operate or control their privacies. By even allowing the sharing of personal information beyond an e-mail address is blatantly taking advantage of those who are expected to know these things," says "Sean Boone."