San Francisco: Facebook said Tuesday that hackers “scraped” personal data for some half a billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists.
A lot of information about more than 530 million Facebook users was shared over the weekend on a hacker forum, prompting the leading social network to explain what happened and urging people to be aware of privacy settings.
“It is important to understand that malicious actors have obtained this data not by hacking our systems, but by scraping them from our platform by September 2019,” Facebook product manager Mike Clark said in a post.
“This is another example of the ongoing, controversial relationship that technology companies are having with scammers who deliberately violate platform policies to scrape Internet services.”
The data included phone numbers, dates of birth and email addresses, and some of the data appeared to be current, according to U.S. media reports.
The stolen data did not include passwords or financial data, according to Facebook.
Scraping is a tactic that involves the use of automated software to collect information that is publicly shared online.
“All 533,000,000 Facebook posts were just leaked for free,” Alon Gal, chief technology officer at Hudson Rock cybercrime intelligence firm, said on Twitter on Saturday.
He condemned what he called Facebook’s ‘absolute negligence’.
“Bad actors will definitely use the information for social engineering, scams, hacking and marketing,” Gal said on Twitter.
Clark urged members of the social network to check their privacy settings to check what information can be viewed in public, and to tighten account security with two-factor authentication.
This is not the first time leaks or use of data from the world’s largest social network – with nearly two billion users – have plagued Facebook in controversy.
In 2016, a scandal surrounding Cambridge Analytica, a UK consulting firm that used personal data from millions of Facebook users to target political ads, cast a shadow over the social network and its handling of private information.