More than 267 million Facebook users had their names, phone numbers and exposed profiles, thanks to a database that could be accessed without any obstacle for approximately two weeks.
This was revealed by the British company Comparitech and the data security researcher Bob Diachenko to Business Insider, after specifying that the majority of those affected were Americans.
The people identified in the database may be targeted by spam messages or other scam attempts using their name and phone number, the publication said.
A Facebook spokesman said we are investigating this problem, but we believe it is likely to be information obtained before the changes we made in recent years to better protect people's information. ”
Business Insider record that Facebook removed the telephone information from its application programming interface (API) in April 2018, after the Cambridge Analytica scandal, so the filtered numbers will have a minimum age of 18 months.
The version details that the database first appeared on December 4, 2019, but only eight days later it was publicly shared in a hacker forum.
Believing that the database was part of a criminal company, Diachenko informed the internet service provider on the 14th, he adds. Fortunately for the 267,140,436 affected, the database is no longer online.
Comparitech suggested changing the privacy settings on Facebook, to allow only friends to see the posts, and enable the settings to skip the profile from appearing in the search engine results.
The database could be stolen from the Facebook developer API, which shares confidential information with the creators of the application, postulates the press release.
It is also suspected that those who created the database may have used automated robots to extract information from publicly visible Facebook pages.