AT&T mobile network flaw causes scary Web error

SAN FRANCISCO - A Georgia mother and her two daughters logged on to Facebook from mobile phones last weekend and wound up in a startling place: strangers' accounts with full access to private information.

The glitch - the result of a routing problem at the family's wireless carrier, AT&T - revealed a little known security flaw with far-reaching implications for everyone on the Internet, not just Facebook users.

In each case, the Internet lost track of who was who, putting the women into the wrong accounts. It doesn't appear the users could have done anything to stop it. The problem adds a dimension to researchers' warnings that there are many ways online information - from mundane data to dark secrets - can go awry.

Several security experts said they had not heard of a case like this, in which the wrong person was shown a Web page whose user name and password had been entered by someone else. It's not clear whether such episodes are rare or simply not reported. But experts said such flaws could occur on e-mail services, for instance, and that something similar could happen on a PC.

"The fact that it did happen is proof that it could potentially happen again and with something a lot more important than Facebook," said Nathan Hamiel, founder of the Hexagon Security Group, a research organization.

AT&T spokesman Michael Coe said its wireless customers have landed in the wrong Facebook pages in "a limited number of instances" and that a network problem behind those episodes is being fixed.