Latest in Gear

Image credit: ASSOCIATED PRESS

Facebook’s latest leak includes data on millions of users (updated)

It contained phone numbers and users' names, genders and countries.
2267 Shares
Share
Tweet
Share
Save

Sponsored Links

ASSOCIATED PRESS

A security researcher has discovered databases containing more than 419 million records tied to Facebook accounts. It appears the data -- which includes phone numbers and Facebook IDs and in some cases users' names, genders and countries -- was scraped from the platform. However, it's not clear who pulled that information from Facebook or why.

The dataset included 133 million records on Facebook users in the US, 18 million on people in the UK and 50 million on users in Vietnam. The researcher, Sanyam Jain, found the databases on an exposed server that wasn't protected with a password. He told TechCrunch he found phone numbers linked to several celebrities.

"This dataset is old and appears to have information obtained before we made changes last year to remove people's ability to find others using their phone numbers," a Facebook spokesperson told Engadget. "The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised. The underlying issue was addressed as part of a Newsroom post on April 4th 2018 by Facebook's Chief Technology Officer."

The company told Engadget that much of the information in the databases is duplicated. As such, it says the true number of affected accounts is about half that 419 million figure. The company also noted that since the access changes it announced in April last year, it has been trying to reduce the risk of data scraping.

Still, while the information in these databases might be from some time ago, people tend to hang onto their numbers for a long time. The leak could put them at risk of spam calls and SIM-swapping scams that could endanger their online accounts -- not just on Facebook. A Facebook ID, meanwhile, is a unique number associated with each account, and it's not difficult to find the user to whom it's linked.

The company has faced numerous privacy issues over the years, including the Cambridge Analytica scandal that led to a $5 billion Federal Trade Commission settlement. Several other instances occurred this year in which millions of Facebook and Instagram users' details were exposed, but not by the company itself. Last fall, a data breach exposed the private information of 29 million users.

Update 9/4/2019 5:30PM ET: Added some more information from Facebook.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
2267 Shares
Share
Tweet
Share
Save

Popular on Engadget

Hulu's 'Castle Rock' season 2 teaser shows the origins of 'Misery'

Hulu's 'Castle Rock' season 2 teaser shows the origins of 'Misery'

View
YouTube is shutting down its TV-friendly web interface

YouTube is shutting down its TV-friendly web interface

View
SIM-based attack has been used to spy on people for two years

SIM-based attack has been used to spy on people for two years

View
Discord is pulling its subscription service's free games library

Discord is pulling its subscription service's free games library

View
Deluge of Pixel 4 photos confirms a few of the phone's key specs

Deluge of Pixel 4 photos confirms a few of the phone's key specs

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr