Facebook - 2013

Facebook discovered a bug that may have allowed unauthorized users to view the personal contact information of Facebook users.  The people who could have used the information would have had some kind of connection to them or some kind of contact information, but users may have thought their email and phone numbers were hidden from these connections.  People who used the Download Your Information (DYI) tool may have been able to access the contact information.  The issue was discovered by an external group of security researches involved with the White Hat program. The breach began sometime in 2012.