The massive success of Facebook isn't good news for everybody. By expanding its students-only membership policy to include all comers, the site has seen user numbers skyrocket. And existing users are discovering their information isn't as private as they thought.

With social networking overtaking online shopping as UK internet users' favourite waste of time, many people could soon discover that online it's possible to provide too much information.

Caught in the act

In July, Oxford University students were shocked to receive emails from University authorities threatening them with fines for end-of-term misbehaviour. According to Oxford City Council, students' unofficial end-of-term parties, which usually take place in the town centre, cost up to £20,000 to clean up.

In the past, students have been secretly filmed in order to identify the culprits. This year, though, the students incriminated themselves. They took photos, uploaded them to Facebook and bragged about their involvement. And University authorities used them as evidence.

The student union called the move a 'disgraceful' invasion of privacy. But as a spokesperson for Oxford University says, "The perception is that this site is private. It is not, and everybody in the modern world has to adjust to that". The authorities hadn't done anything wrong; the problem is that the students were unaware or had forgotten that staff could also view content on Facebook's Oxford University network.

It's hard to feel sorry for students who fling food around town centres and leave the mess for others to clean up, but the row highlights a bigger issue. These sites are all about sharing, and as a result their default privacy settings aren't particularly paranoid. So if you join a network, your details are available to everyone on that network.

Sharing things with a network might not seem like a bad idea, until your employer in the same network sees you're posting unpleasant things about your co-workers or doing things you shouldn't. However, many Facebook networks are much larger and less selective.

You can join a network for Glasgow, for Bristol, for Brighton & Hove or for London, and some networks cover entire districts or even continents. Fancy sharing your photos, contact information and thoughts with everybody in the West Midlands, or a continent? If you join networks, that's exactly what will happen if you don't change the privacy settings.

Identity theft

That's not just bad news for the badly behaved students. It's a potential goldmine for identity thieves. According to credit reference agency Equifax , many social network users cheerfully publish personal data - their email address, their home address, their phone numbers, marital status and so on - without realising that such information is a boon to identity thieves.

Factor in lazy password creation - survey after survey shows that people use their children's or pet's names, or their favourite football team, as a password - and you can see how apparently innocent personal data can be misused.

According to Symantec 's ISTR (Internet Security Threat Report), ID thieves who amass enough information on someone to set up an online bank account sell that data for as little as 52p. As you'll see from the section 'Can we steal someone's ID?' below, if you're on the same network as your target, that information is easy to get hold of.

Parents should be particularly worried. A survey commissioned by privacy firm Garlik found that 40 per cent of teenagers regularly visit sites their parents have prohibited. Moreover, some 30 per cent divulge their full name, 12 per cent their address, 20 per cent their mobile number and 46 per cent their school name to virtual strangers.

Even apparently innocuous information can be misused, so, for example, if your child mentions that they're going on holiday, this gives the message 'my house is unattended' to a potential burgler. And endless reports have linked children's use of social networking services to cyberbullying, fraud and even grooming: only last month, MySpace deleted the profiles of some 29,000 convicted sex offenders.