Security researchers at Symantec sad a programming bug on Facebook’s website may have unintentionally given advertisers and others access to a bunch of personal information. This issue may have affected almost 100,000 Facebook applications for now.

According to Symantec, a number of Facebook applications have been accidentally handing bunch of numbers and letters that can be used by a browser to access Facebook accounts over the Web.

"Access tokens are like the 'spare keys' granted by you to the Facebook applications," Symantec said in a blog post. "Each token or 'spare key' is associated with a select set of permissions, like reading your wall, accessing your friend's profile, posting to your wall, and others," researchers said.

These pieces of information are granted by users to certain Facebook applications in order to write on profile walls and the like. With this, advertisers or online analytics companies get the information through leaks in Facebook URLs.

"We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of tokens to third parties," Symantec said.

Facebook representatives are not immediately available to comment on the issue. The company opened up its social network to the third-party Web developers in 2007. The latter have become major key to the site's phenomenal success.

Symantec said it is not yet clear whether anyone has realized that this problem existed. It is possible then that nobody has taken advantage of the bug to meddle with the personal information of Facebook users.

Although Facebook already resolved the problem, accesses to personal information may still be in circulation as they remain stored in server log files or in other places on the Web. Symantec, on the other hand, advised that affected users should change their Facebook passwords by "changing the lock" on their Facebook account.