Private information belonging to 553 million users was posted online. This wasn’t due to a clever cyber attack by hackers but a result of data scraping. Data scraping happens when software automatically harvests information publicly available on a website. Whoever scraped the data left all that information sitting in an unsecured database that anyone could access online.
Facebook said a flaw in their Contact Importer was behind the issue. “This feature was designed to help people easily find their friends to connect with on our services using their contact lists. When we became aware of how malicious actors were using this feature in 2019, we made changes to the contact importer. In this case, we updated it to prevent malicious actors from using software to imitate our app and upload a large set of phone numbers to see which ones matched Facebook users. “
The information included:
- Facebook IDs
- names
- birth dates
- phone numbers
To find out if you were affected, you can head over to https://haveibeenpwned.com/. Enter your email address or phone number to see if it was exposed in any data breaches.
To prevent issues like this from happening in the future, be careful about what type of information you share publicly on Facebook.
Click the drop-down arrow at the right of your Facebook feed and click on Settings and Privacy.
Then click Settings.
Click on Privacy.
Scroll down and check your settings.
Just another reason to abandon FB. In 2+ years, I haven’t missed it.