Last weekend, it was reported that a database of records of more than 533 million Facebook accounts – including phone numbers, email addresses, birthdays and other personal details – had been shared online. . Although the leak did not include sensitive information such as credit card or social security numbers, the data could still be exploited by bad actors.
“In this case, we have updated it to prevent malicious actors from using software to imitate our app and downloading a lot of phone numbers to see which ones match Facebook users,” said Tuesday. Facebook’s director of project management, Mike Clark.
Although the data is from 2019, this week is the first time it has been uploaded. Because the data was pulled from public profiles, Facebook told CNN Business, the company can’t be certain exactly which users should be notified, and therefore has no plans to alert those potentially affected.
Instead, Facebook posted a Help Center page for users concerned their data may have been leaked. The page explains that only information that has been shared publicly on user profiles at the time of scratching, meaning the data does not include information that has been shared only with users’ friends, for example. It also details how users can adjust their privacy settings.
There are third-party websites, including haveibeenpwned.com, where users can search themselves to see if their personal data has been disclosed.
Facebook also said it “is working to remove this dataset and will continue to aggressively tackle malicious actors who abuse our tools wherever possible.”
“While we can’t always prevent the recirculation of such datasets or the appearance of new datasets, we have a dedicated team focused on this work,” Facebook wrote on the help page.
It’s been a tough week for data security: In addition to the Facebook reveal, LinkedIn confirmed Thursday evening that, in another incident, information was pulled from 500 million of its users’ profiles and is now on sale. on a site used by hackers.