Recently we heard that details of over 500 million users from Facebook had been leaked, we previously heard that the data was taken in a hack on Facebook.
Now Facebook has released a statement and has said that the details have been scraped from Facebook and that this happened back in 2019.
We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019. This feature was designed to help people easily find their friends to connect with on our services using their contact lists.
When we became aware of how malicious actors were using this feature in 2019, we made changes to the contact importer. In this case, we updated it to prevent malicious actors from using software to imitate our app and upload a large set of phone numbers to see which ones matched Facebook users. Through the previous functionality, they were able to query a set of user profiles and obtain a limited set of information about those users included in their public profiles. The information did not include financial information, health information or passwords.
You can see the full statement from Facebook about the recent data breach over at their website at the link below.
Source Facebook