Facebook says it has a bug that was discovered by a blogger and would cause the site to track what users did online, even when they were logged out of the social network.
The bug was spotted by Facebook user Nik Cubrilovic, who discovered that a number of 'cookies' remained active in user's browsers after they had logged out of the site, causing Facebook to track other sites users visited.
Cubrilovic, who reportedly worked with Facebook to fix the problem, said about the bug: "Facebook has made changes to the logout process and it has explained each part of the process and the cookies that the site uses in detail. The data shows that five cookies retained value after the logout procedure and a browser restart, while a further two survive the logout procedure and remain as session cookies."
These cookies should be terminated when the user leaves Facebook, or when the browser is closed.
Cubrilovic later wrote on his blog: "As of today, this cookie is now destroyed on logout."
Facebook said: "We set the 'datr' cookie when a Web browser accesses facebook.com, and the cookie helps us identify suspicious login activity and keeps users safe. For instance, we use it to flag questionable activity like failed login attempts and attempts to create multiple spam accounts."
The company said the bug did not cause a security breach and "Facebook did not store or use any information it should not have."
"We fixed the cookies so that they won't include unique information in the future when people log out."