Pierluigi Paganini
April 18, 2019
New problems for Facebook, the company collected contacts from 1.5 Million email accounts without user’permission.
We recently read about an embarrassing incident involving the social network giant that asked some newly-registered users to provide the passwords to their email accounts to confirm their identity.
Some experts speculated that the social network giant was using the password to access the email accounts and collect their contacts.
New of the day is that Facebook admitted it was collecting email contacts of some of its users.
“Facebook harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts. Since May 2016, the social-networking
“The Silicon Valley company said the contact data was “unintentionally uploaded to Facebook,” and it is now deleting them.”
Of course, Facebook declared that it has “unintentionally” uploaded email contacts from up to 1.5 million new users on its servers since May 2016, but the company was never authorized to do it and did not receive their consent.
This means that roughly 1.5 million users unintentionally shared passwords for their email accounts with the social network.
According to a Facebook spokesperson who spoke with Business Insider, the company was using harvested data to “build Facebook’s web of social connections and recommend friends to add.”
“At the time, it
Facebook stopped using this email verification process a month ago, when a researcher using the pseudononymous of “e-sushi” noticed that the social network was asking some users to enter their email passwords when they signed up for new accounts.
“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time. When we looked into the steps people were going through to verify their accounts we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account,” the spokesperson said in a statement.
“We estimate that up to 1.5 million people’s email contacts may have been uploaded. These contacts were not shared with anyone and we’re deleting them. We’ve fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.”
The list of incidents that involved the company in the last year is long. In April experts found 540 Million Facebook user records on unprotected Amazon S3 buckets.
In March 2019, Facebook admitted to having stored the passwords of hundreds of millions of users in plain text.
In October 2018, Facebook disclosed a severe security breach that allowed hackers to steal access tokens and access personal information from 29 million Facebook accounts.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Facebook, privacy)
[adrotate banner=”5″]
[adrotate banner=”13″]
