Facebook Inc on Tuesday said a recently reported data leak affecting potentially 530 million users stemmed from a misuse of a feature in 2019 and that the company had plugged the hole after identifying the problem at the time.
Business Insider reported last week that phone numbers and other details from user profiles were available in a public database. Facebook said “malicious actors” had obtained the data prior to September 2019 by “scraping” profiles using a vulnerability in the social media service’s tool to sync contacts.
The company said it identified the issue at the time and modified the tool.
“As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists,” Facebook said in a blog post.