Yesterday morning I had an email from Facebook letting me know that a friend had "tagged" me on his profile. This sounded fair enough, we’re friends after all. It went on to say that he tagged me under "University" with the name of my alma mater.

Curious, I logged into the website and saw the name of my former university on my profile! When I signed back up for Facebook, I deliberately withheld this information and now it’s on my profile.

But he tagged me on his profile, you said!

Details of which university I attended, the years I was there, my course and grades are all available elsewhere on the Internet; it’s not a secret! But having deliberately chosen not to put this information into Mark Zuckerberg’s databases, it’s infuriating that anybody can enter this information on my behalf and without my permission.

This morning I had a play around with Facebook, adding MI6, CONTROL and St Trinian’s School to friends’ profiles. It’s remarkably easy.

Some financial institutions use the name of people’s first school and similar information as answers to security questions. It’s a huge concern that these answers can be disclosed, unwittingly, by our friends.

Although I was able to remove the information from my profile, I’ve searched through Facebook’s privacy settings, and I can see no way to prevent this information being disclosed, in the first place. I see this as a huge security risk.

If you’re a Facebook user (and the chances are very high that you are), please take a moment to review the information you disclose and also your privacy settings. Sophos’s recommendations for Facebook settings are a good guideline.