Facebook "unintentionally" uploaded 1.5m user email contacts

Latest gaff from the social network is a glitch that began in May 2016

Facebook login page

Facebook has said it "unintentionally" uploaded the email contacts of more than 1.5 million users on to its social network thereby breaching people's privacy. 

This latest data harvesting gaff happened via a system used to verify the identity of new members. In 2016, Facebook asked new users to supply the password for their email account, and took a copy of their contacts.

All this was done automatically when an email and password was submitted, with a message informing users that their contacts were being imported without them having prior knowledge or having given consent. The social network said it has now changed the way it handles new users to stop contacts being uploaded.

"We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we are deleting them," Facebook told Reuters, adding that users whose contacts were imported will be notified.

This is the latest privacy issue to come out of Facebook, with the company seemingly going from one problem to the next for the last two years. Most recently the company admitted to storing user passwords in plain text, sans any encryption.

On this occasion, the information grabbed is believed to have been used by Facebook to help map social and personal connections between users. The contacts started being taken without consent in May 2016, according to Business Insider. Before that, new users were asked if they wanted to verify their identity via their email accounts.

Users were also asked if they wanted to upload their address book, voluntarily. This option and the text specifying that contacts were being grabbed was changed in May 2016, but the underlying code that scrapped these contacts was left intact, according to Facebook.

The company is currently under unrelenting scrutiny from regulators around the globe for its data policies and attitudes to user privacy, but it's also coming under fire for internal cockups and the way it's managing them.

Tracing a line back to the Cambridge Analytica scandal, the company has had as many outages and data breaches as it has regulator action from organisations such as the ICO or the Irish Data regulator and even the American FCC.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
The Xbox Series X shows how far the cloud still has to go
Cloud

The Xbox Series X shows how far the cloud still has to go

25 Sep 2020