To date, Facebook insists it has not intentionally released this information and has made changes to prevent this data leakage. Social networks are entrusted with people's personal data this should requires an embedded sense of responsibility.
As with PleaseRobMe.com, it is easy for people to determine from your IP address that you are trapped away from home in a European ash cloud, or that you are lying about your activities and location. Using online services and social media for communications carries with it the same risks as sending emails, in my opinion a great deal more.
Hopefully Facebook is listening to all of the commentary related to their users' concerns over privacy, and will make changes to their system. They are clearly aware that including the IP is a bad idea, considering their move to begin hiding it, albeit trivially.
So this weekend when you upload your photos or share an event, check your privacy settings and don't go into too much detail as you don't know who will be reading or looking at your items.
Fairly scary stuff.
http://www.sophos.com/blogs/chetw/g/2010/05/08/facebook-notifications-leak-ip-addresses/