People used this feature to easily look up their friends, which was handy when in a language that took effort to type out a full name or pick between multiple accounts with the same name, Facebook's blog post noted. But 'malicious actors' have abused it to scrape publicly-available information, usually by dropping in phone numbers or emails into the search box and connecting them to the profile that surfaced, the social media company said.

And this might have had huge implications: "Given the scale and sophistication of the activity we've seen, we believe most people on Facebook could have had their public profile scraped in this way," the post read. The platform shut down this search by phone/email feature and will change how users recover their account to reduce the risk of scraping.