FACEBOOK'S DATA BREACHES were becoming punctuation marks to our week, but it's been relatively quiet recently. That all changed this week as it was revealed that details of 400 million users had been found in an unencrypted online database.
The records were part of the now-defunct feature that let you find users by their phone number. It was closed in April 2018 in the wake of the Cambridge Analytica scandal, but it appears that its ghost is back to haunt us.
Amongst the list of shame, Techcrunch reports that there are 133 million US users, 18 million UK users and 50 million Vietnam users.
It doesn't appear that the data has been breached in any way, but the fact that it was sitting on a server that didn't require a user name or password is a huge concern.
Worse still, because each record was marked against their Facebook ID number (that long number in the URL of your profile page) that means that anyone who had got hold of them could easily cross-reference them with all the data points you've let into the public domain.
In fact, do exactly what prompted Facebook to close the feature in the first place. In some cases, the user name, gender and country were also listed.
Facebook says that the data was nothing to do with them, but appears to have been ‘scraped' from the database before access to phone number records was switched off.
In other words, this is delayed fallout from Cambridge Analytica.
Facebook has confirmed that the data set is old - but given that some people never change their phone number, there's a good chance that a big chunk of it is still relevant.
Fortunately, it's been taken down now, and because no breach took place, there's nothing you need to do to resecure your account.
The incident serves as another reminder that unsecured files on servers are a growing problem. It also reminds us that Facebook's former failures aren't completely fixed yet.
The question is now - who scraped, and why? μ
Put a Ring-Con on it
We know. We're as surprised as you are
It's available across all major UK networks