Facebook profiles have become the de-facto identities of people across the internet. This is thanks, in large part, to Login With Facebook, the social network's universal login API, which allows users to carry their profile information to other apps and websites. Be advised Facebook's universal login feature carries security risks, according to research from Princeton University and other high profile credible sources.
Third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts are part of an invisible tracking ecosystem that follows users around the web largely without their knowledge. When Facebook users don't take the time to disable an obscure option to grant permission for a website to access their Facebook profile, third-party trackers embedded on the site are getting that data, too. That can include a user's name, email address, age, birthday, and other information, depending on what info the original site requested to access.