Bono's bikini party photos exposed by Facebook privacy flaw

October 29, 2008 Sophos Press Release

IT security and control firm Sophos is warning Facebook users who are members of geographic networks to check their privacy settings after photos of Bono from U2 and a couple of bikini-clad girls were made available to the entire New York network.

Last year Sophos called for Facebook to change its default security options as joining a geographic network automatically opens up the user's whole profile to every other member of the network, no matter how stringent your previous privacy settings.

According to reports, in this latest incident, one of the girls involved, Andrea Feick, posted her private photos to the social networking site. However, since she was also a member of the New York network, more than one million people were then able to view these pictures of the humanitarian campaigner.

"This could all be completely innocent on Bono's part, but it raises the serious security issue about how everyone must ensure their identity is properly protected online," said Graham Cluley, senior technology consultant at Sophos. "Facebook's privacy features are more sophisticated than some competing social networking sites, but the fact that Facebook changes these without asking when you join a geographic network is a huge oversight. While in this instance the result is potentially embarrassing for Bono, other members of the site could easily find themselves the victim of identity theft."

Facebook is made up of thousands of networks worldwide and users are encouraged to join them in order to meet and make friends with people in the area. Sophos advises all users to exercise caution when joining these networks and to ensure they reset their security settings to keep potential cybercriminals away from personal information.