Facebook Collected Contacts from 1.5 Million Email Accounts Without Users’ Permission

Facebook Collected Contacts from 1.5 Million Email Accounts Without Users’ Permission

Not a week goes without a new Facebook blunder.

Remember the most recent revelation of Facebook being

caught asking users

new to the social network platform for their email account passwords to verify their identity?

At the time, it was suspected that Facebook might be using access to users’ email accounts to unauthorizedly and secretly gather a copy of their saved contacts.

Now it turns out that the collection of email contacts was true, Facebook finally admits.

In a statement released on Wednesday, Facebook said the social media company “unintentionally” uploaded email contacts from up to 1.5 million new users on its servers, without their consent or knowledge, since May 2016.

In other words, nearly 1.5 million users had shared passwords for their email accounts with Facebook as part of its dubious verification process.

A Facebook spokesperson


information with Business Insider that the company was using harvested data to “build Facebook’s web of social connections and recommend friends to add.”

The social media giant said the company had stopped this email verification process a month ago and has assured its users that it has not shared those contacts with anyone and that it has already started deleting them.

“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time,” Facebook says.

“We estimate that up to 1.5 million people’s email contacts may have been uploaded. These contacts were not shared with anyone and we’re deleting them. We’ve fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.”

This recently reported incident is the latest in a long list of privacy-related issues and controversies the tech giant is dealing with.

Just last month, Facebook was caught storing

passwords of hundreds of millions of users

in plaintext within its internal servers, which were accessible to some of its employees.

In October last year, Facebook also announced its

worst-ever security breach

 that allowed hackers to successfully steal secret access tokens and access personal information from

29 million Facebook accounts


The recent revelation once again underlines the failure of Facebook to protect its users’ information while generating billions of dollars in revenue from the same information.

via The Hacker News https://thehackernews.com/
Link : https://thehackernews.com/
April 18, 2019 at 01:02PM


Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *