Hundreds of millions of phone numbers that were connected to Facebook accounts are now available in online databases and anyone can find and access this information before the information was taken down.
According to the TechCrunch report, A security researcher discovered more than 419 million records in different databases that were part of a server that wasn’t password protected.
The Facebook spokesperson mentioned that “this company is still crunching the numbers but there were duplicates in those records”.
It estimates that about 200 million Facebook users were affected.
The Facebook spokesperson also mentioned in a statement that “This dataset is old and appears to have information obtained before we made changes last year to remove people’s ability to find others using their phone numbers. The dataset has been taken down, and we have seen no evidence that Facebook accounts were compromised.”
The social network believes that Facebook’s new flaw will allow users to look up users by phone number so everyone can scrap the data by using the phone number. Facebook shut down that search tool in April 2018, In the wake of the Cambridge Analytica scandal in March 2018.
Facebook couldn’t discover who was behind the databases or why they scraped that data. TechCrunch and security researcher Sanyam Jain, who found the exposure of phone numbers, also weren’t able to identify who has the databases.
Privacy and security experts warned social media users about providing their phone numbers online. The exposure of these numbers can put users at risk for harassment, spam and SIM swapping when someone convinces a cell phone carrier to change your number to another SIM card.
Colin Bastable, CEO of security awareness training company Lucy Security mentioned in a statement that “Think hard before giving your phone number to any social networking business – they are in the business of aggregating and monetizing consumer data. And the phone number can be used to compromise your account.”