A few days ago, a story was published saying that information from more than 530 million Facebook users had been made publicly available. Since then, Facebook has been under a lot of scrutinies seeing as this is not their first data privacy scandal.
In response to that, the company has released an official statement stating what went down. Their first form of defence states that they were not hacked. Rather, that malicious actors got this data by scraping it from their platform prior to September 2019.
Facebook Users Information Goes Public
The scrapping methods used to obtain this data set were previously reported in 2019 Since then Facebook says that they solved the issue and are keeping everyone’s information ‘safe’. However, since there is still some confusion on the matter, they want to directly address it. Here’s the breakdown.
“We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer. This is prior to September 2019. This feature was designed to help people easily find their friends to connect with on our services using their contact lists.” ~ Facebook
The company notes that when they became aware of how malicious actors were using this feature in 2019, they made changes to the contact importer. In this case, they updated it to prevent malicious actors from using software to imitate the app and upload a large set of phone numbers to see which ones matched Facebook users.
Through this, they were able to query a set of user-profiles and obtain a limited set of information. All this is information included in their public profiles. Facebook notes that the information did not include financial information, health information or passwords.
“We’re focused on protecting people’s data. We aim to do this by working to get this data set taken down. This means aggressively going after malicious actors who misuse our tools wherever possible.” ~ Facebook
The company can only do so much. So to take care of yourself and your information, Facebook suggests you update the “How People Find and Contact You” control.
You can also do regular privacy checkups to make sure that your settings are in the right place. This includes checking who can see certain information on your profile and enabling two-factor authentication.