From PEHub:
Sunday morning, some of the 2,301 Facebook friends of venture
capitalist and Facebook board member Jim Breyer received a message from
him, through Facebook. “Would You Like a Facebook Phone Number?” it
asked, presenting a link to “see more details and RSVP.”While no one would be surprised by a service that allowed users to
call friends from their Facebook accounts, the message was a hack. “This
was a phishing scam and Jim’s account appears to have been
compromised,” says Larry Yu, a Facebook spokesman, late yesterday. “The
issue has since been resolved and we’re actively trying to block this
activity.”Breyer, a partner at Accel Partners, didn’t respond to questions
relating to the message.
At this point there has been no detailed explanation from Facebook explaining how this happened and what steps they are taking to reduce the likelihood of it happening again. Compare Facebook's approach to this breach to Apache's approach to their recent breach which I wrote about here.
Given Facebook's approach to privacy, I doubt anyone is surprised.