Hundreds of millions of Facebook users’ phone numbers were exposed in an open online database, the company confirmed Wednesday, in the latest example of Facebook’s past privacy lapses coming back to haunt its users.
More than 419m Facebook IDs and phone numbers were stored in an online server that was not password protected, the technology website TechCrunch reported. The dataset included about 133m records for users in the US, 18m records for users in the UK and 50m records for users in Vietnam.
The database was taken offline after TechCrunch contacted the web host.
Facebook confirmed the report and said it was investigating when and by whom the database was compiled. A spokeswoman for the company also claimed that the actual number of users whose information was exposed was approximately 210m, because the 419m records contained duplicates.
The records were likely amassed using a tool that Facebook disabled in April 2018 in the aftermath of the Cambridge Analytica controversy.