Facebook has no plans of notifying users whose data was leaked during the recent massive data breach involving social media platform This massive data breach had exposed the personal details of around 533 million Facebook users. The personal information included details such as phone numbers, Facebook ID, birthdates, etc, of millions of users.
The social media platform in a recent statement had stated that the leaked data has not been obtained through its system. Facebook claims that the data was scrapped from its platform sometime before September 2019.
Facebook told Reuters that it has no plans of informing users who might have been affected by this data leak. "It also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users," told a Facebook spokesperson, according to Reuters.
The social media giant on April 6 had published a blog in which they admitted that a data breach had occurred but added that the data was actually stolen back in 2019.
"It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019. This is another example of the ongoing, adversarial relationship technology companies have with fraudsters who intentionally break platform policies to scrape internet services. As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists. But since there's still confusion about this data and what we've done, we wanted to provide more details here," read the Facebook blog.
Facebook has stated that the said data was scrapped by cybercriminals utilising the social media site's contact importer feature. Facebook had introduced this feature to help its users find their friends on the platform. However, Facebook had made changes to the feature way back in 2019 when it had become aware of how malicious actors were misusing it.
"We updated it to prevent malicious actors from using software to imitate our app and upload a large set of phone numbers to see which ones matched Facebook users. Through the previous functionality, they were able to query a set of user-profiles and obtain a limited set of information about those users included in their public profiles. The information did not include financial information, health information, or passwords," the blog read.
Meanwhile, cybersecurity experts have claimed that the breach is not as old as Facebook has said.