419 mn phone numbers and IDs linked to Facebook compromised
In yet another security lapse, 419 million phone numbers and IDs linked to Facebook, reportedly stored in an online server without protection, were exposed in an open database.
According to a Techcrunch report, about 133 million affected users were from the US, 18 million from the UK, and over 50 million from Vietnam. The Facebook unique ID, which was available online, could be used to get the name of the users.
As per the report, the US-based social media giant has confirmed the privacy lapse and has taken down the data set as soon as it was reported by the media.
Facebook added the data set was old as the information obtained was before Facebook changed its policy last year that allowed users to find others using their phone numbers.
Sanyam Jain, a security researcher and member of the GDI Foundation, reportedly found the database leak, including profiles with phone numbers associated with several celebrities.
Facebook had been grappling with global criticisms for its ignorance towards users’ data. The issue was first highlighted last year in April, when it admitted that British political consulting firm Cambridge Analytica might have had access to the personal information and data of 87 million people, 37 million more than originally estimated. It also revealed that data belonging to over 562,455 Indian users may have been improperly accessed by the political consulting firm.
Post the data breach, Facebook has undertaken several measures to cleanse and control its platform, and make it more transparent. Recently, the social media giant launched a new tool called 'Off-Facebook Activity, allowing users to have control over the data accessed by third-party apps and websites sent to Facebook for ad targeting.
In most recent development, Facebook has published a white paper, that sets forth five questions about data portability and privacy, in order to start a global conversation about what it means to build a privacy-protective data portability.
"These are complex questions and we hope to make a small contribution to the thought and research from privacy experts, think tanks and regulators already working on data portability," Erin Egan, Vice President and Chief Privacy Officer, Policy said in the blog.
(Edited by Suman Singh)