Facebook has moved quickly to shut down a loophole which made some accounts accessible without a password. The bug was exposed in a message posted to the Hacker News website. The message contained a search string that, when used on Google, returned a list of links to 1.32 million Facebook accounts. In some cases clicking on a link logged in to that account without the need for a password. All the links exposed the email addresses of Facebook users. ( source of BBC )