I had a security class at my university and our teacher mentioned a survey (a while back so things hopefully have changed) where about 13% of people would have given their password to a coworker in exchange for a chocolate bar ... security starts at the user level.
lowguppy... yeah right... bumping has been a problem since the dawn of locks that the lock smiths tried to hide. The same parallel goes for software security. They hide it until they are busted before taking any action. LOL.
I am extremely careful about posting anything sensitive to the one "social" site I use - LinkedIn. Personally, I do not see LinkedIn as a "social" site. I see it as a "professional" networking site that just might get me a job some day, and in fact, I likely would have found a job through there if I had not found my current job elsewhere first.
I do not use the other "social" sites. The whole world does not need to know every detail of my personal life. Besides, I have things that I consider more important.
I think some people are missing the point of this study. Whats happening is people putting there own information on the social sites and through that information you can exploit the company you work for in some way. AS an example, I have an employee ID. Even though it is not a company secret or classified in any way, the # combined with my full name could gain you access to even further information. I'd imagine a number of my coworkers throw there ID #s just about everywhere.