Facebook says data from 530M users was obtained by scraping, not hack

From CNET: Facebook is attributing a reported data leak with information on more than 530 million users to a vulnerability that it previously identified in 2019. Malicious actors exploited a Facebook feature by using a method of scraping, an often automated process of netting unsecured public data, the company said in a blog post. Facebook said it has since taken action to prevent further exploitation of this feature.

"As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists," Mike Clark, product management director for Facebook, said in Tuesday's blog post.

Personal information on hundreds of millions of Facebook users, including names, birth dates and phone numbers, was reportedly posted to a website for hackers. The data set contains information on 533 million users from 106 countries, according to Business Insider, which first reported on its availability. The data appears to be years old but could still provide valuable information to identity thieves and scammers.

Facebook said the technical flaw that created the vulnerability was found in the app's ability to import contacts from a user's phone. The captured data was previously reported on in January, after appearing for sale on Telegram. The dataset is now apparently available for free.

View: Full Article