A Facebook representative said that the company did not alert more than 530 million users whose information was collected through the abuse of a feature prior to 2019 and was recently made public in a database, and that it has no plans to do so in the future.
Last week, Business Insider claimed that a public database contained phone numbers and other information from user profiles. In a blog post largest social media platform said that “malicious actors” had accessed the data prior to September 2019 by “scraping” profiles using a loophole in the platform’s communication syncing tool.
According to a social giant’s spokesperson, the social media firm isn’t sure it has complete insight into which users will need to be updated. He added that the decision to not alert users was based on the fact that users could not solve the problem and that the data was publicly accessible. Facebook claims to have patched the hole after discovering it at the time.
Financial information, health information, or passwords were not included in the scraped data, according to Facebook. The gathered knowledge, on the other hand, might be useful for hacking or other forms of violence.
In 2019, Facebook and the US Federal Trade Commission reached a historic settlement over claims that the company misused user data. Facebook has long been criticised for how it treats user privacy.
The European Union’s lead regulator for Facebook, Ireland’s Data Protection Commission, said that it had contacted the company about the data leak. It stated that it had received “no proactive correspondence from Facebook” but that it was now in touch with the company.
According to the FTC’s July 2019 settlement, Facebook must publish information about unauthorised access to data on 500 or more users within 30 days of the incident being verified.
A Facebook spokesman refused to comment on the company’s discussions with regulators, but said the company was in touch to respond to their concerns.