More than 530 million Facebook users remain uninformed about a massive data leak at Facebook that dates back well into 2019.
Facebook said Tuesday that malicious actors obtained phone numbers and other details from users before September 2019 by scraping profiles through a vulnerability in the platform’s tool for syncing contacts.
The social media giant was unsure of the limited visibility it had to inform users about. It had patched the hole after discovering the leak at the time. Financial data, health information or passwords were not in the scraped information. Nevertheless, the data collected was a bonanza for hackers and cyber criminals.
Facebook has long come under criticism for misconduct in managing users “privacy, culminating in a landmark settlement with the US Federal Trade Commission in 2019 over its investigation into alleged misuse of user data by companies.
The July 2019 FTC settlement requires Facebook to disclose details of unauthorized access to data of 500 or more users within 30 days of an incident being confirmed.
For more information, you may read the original story from Reuters.