Facebook phone numbers leak, Users Were Publicly Available.
An exposed server with more than 419 million records from Facebook users has been discovered online, reports TechCrunch.
The server was not protected with a password and was accessible to anyone. It featured 133 million records from U.S.-based Facebook users, 18 million records from users in the UK, and 50 million records on users in Vietnam.
The records contained each person’s unique Facebook ID along with the phone number listed on the account. Facebook IDs are unique numbers that can be associated with an account to discover a person’s username.
Facebook restricted access to phone numbers more than a year ago, so the database that was found is older than that. A Facebook spokesperson said that the data had been scraped prior to when Facebook cut off access to phone numbers, calling the dataset “old.”
“This dataset is old and appears to have information obtained before we made changes last year to remove people’s ability to find others using their phone numbers,” the spokesperson said. “The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised.”
TechCrunch was able to verify multiple records in the database by matching a known Facebook user’s phone number against a listed Facebook ID. Other records were verified by matching phone numbers with Facebook’s password reset feature, which can be used to partially reveal a phone number linked to an account. Records primarily had phone numbers, but in some cases, also had usernames, genders, and country location.