According to US media, in the latest privacy lapse for Facebook, phone numbers associated with upwards of 400 million Facebook accounts were listed online.
Reports suggest that an uncovered server stockpiled 419 million records on users across numerous databases, including 133 million US accounts, more than 50 million in Vietnam, and 18 million in the UK.
The server was not password protected, which means anyone could access the databases, and remained online until late Wednesday.
Facebook verified parts of the report but undervalued the degree of the exposure, saying that the number of accounts so far established was nearly half of the stated 419 million.
The company said that several of the entries were copies and that the data was old.
“The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised,” a Facebook spokesperson said.
Facebook already has come under a lot of flak over privacy issues and its reckless ways of gathering data from its roughly 2.4 billion users globally. The social media giant’s past lack of data safety and several ways to monetize user data in particular have received censure from security experts.
According to researchers, the latest breach is particularly bad because Facebook has limited access to user phone numbers for more than a year as a part of an effort to improve data practices.
While the numbers linked with the latest breach seem to be data published online from before the company stopped disseminating numbers, it’s still worrying that they’ve been made available, they said.