05 September 2019
San Francisco: In yet another data breach, over 419 million phone numbers linked to Facebook users have been discovered in an open online database.
The database included 133 million records of US-based Facebook users, 18 million records of UK users and more than 50 million records of users in Vietnam, TechCrunch reported on Wednesday.
This latest data breach exposed millions of users' phone numbers just from their Facebook IDs, putting them at risk of spam calls and 'SIM-swapping' or 'SIM jacking' where a mobile number is transferred to a new SIM card.
Sanyam Jain, a security researcher at The Hague-based non-profit organisation GDI Foundation, found the database.
After the web host was contacted, the Facebook users' database was pulled offline.
Some of the records also had the user's name, gender and location by country.
A Facebook spokesperson said the data set was old and had been deleted.
"This data set is old and appears to have information obtained before we made changes last year to remove people's ability to find others using their phone numbers," the spokesperson was quoted as saying.
"The data set has been taken down and we have seen no evidence that Facebook accounts were compromised," the spokesperson added.
There have been several incidents after the Cambridge Analytica episode involving 87 million users where Facebook acknowledged series of privacy lapses, including the latest admission that it mishandled millions of users' passwords on Instagram and "unintentionally" uploaded emails of nearly 1.5 million of its new users.