image
The leak of personal data from more than 533 million Facebook users was scraped from their profiles by malicious actors because of a security flaw in the company’s platform prior to September 2019, the social media giant said Tuesday. Threat actors posted that data to a public hacker forum over the weekend, once again raising privacy concerns and putting Facebook in the middle of controversy over its protection, or lack thereof, of user data. At the time it was suspected the data had been scraped due to a bug in the Add Friend feature that was discovered in 2019. In an attempt to set the record straight, the company confirmed in a blog post Tuesday that the leak indeed was due to a flaw in its “contact importer” that has been previously reported and already fixed by the company. “We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019,” according to the post by Mike Clark, a Facebook product management director. “This feature was designed to help people easily find their friends to connect with on our services using their contact lists.” In his post, Clark called the leak “another example of the ongoing, adversarial relationship technology companies have with fraudsters who intentionally break platform policies to scrape internet services” and said the company is confident that the issue that allowed for the data scraping “no longer exists.” Possible Regulatory Action No matter,…

Source