In a world so plagued by identity theft and security concerns, knowing that security holes are being patched in places where you store sensitive data is important. Thus it is no surprise that Facebook wanted to announce that they had patched a security flaw which could have exposed users birthdates. Sophos originally made the flaw public, and Facebook admitted that the flaw was present in a new design they had rolled out this week.
A birth date may not be as crucial as a credit card number, but is a starting point to people getting passwords reset and accounts broken into. Facebook didn't reveal exactly how many people were vulnerable after the flaw was posted, but did say it was limited only to a new site design that wasn't deployed en-masse. Interestingly, the Sophos response to the flaw was to suggest people use fake birthdates. That goes contrary to the majority of online terms of service, which often specify they want “accurate” information.