London, May 1 : You might be happily enjoying your daily dose of social networking on Facebook, but according to an investigation, a loophole on the site can allow identity thieves to access your personal details.
The popular social networking site allows users to add a variety of applications to their profile.
But according to the BBC technology programme Click, a malicious program, masquerading as a harmless application, could potentially harvest personal data.
Facebook says users should exercise caution when adding applications. Any programs, which violate their terms, will be removed, the network said.
To substantiate the finding, computer programmers working for Click, developed an application for Facebook, which they used to discover the details of four users and all their friends.
Investigators say it cannot be determined if any application creators are using this method to steal data, but the ease with which they put together a rogue application has raised concern.
The Facebook website has terms and conditions for creators of applications, such as games, puzzles and messaging, but criminals who want to gain access to personal information can easily just ignore these.
Paul Docherty, Technical Director of Portcullis Security, said that Facebook's terms and conditions legally cover it against any liability, but added that "Morally, Facebook has acted naively."
"Facebook needs to change the default settings and tighten up security," BBC quoted him, as saying.