Chances are that you’ve heard the story about how the phone numbers and personal data of over half a billion Facebook users has been leaked online.
The details of the 533 million users from 106 countries were scooped up from Facebook via a vulnerability in a feature which was supposed to help you connect with friends on the social network.
Facebook’s initial response to media queries was curt and dismissive:
“This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.”
It was also inaccurate.
The truth is that the data isn’t old. It might have been hoovered off Facebook a while ago, but most people won’t have changed their names, their phone numbers, their sex, their location, since then.
For most people the leaked data is current. It’s still data that could be exploited.
Sign up to our newsletterSecurity news, advice, and tips.
Furthermore, I would argue that data such as an individual’s phone number can be extremely dangerous (for instance, imagine if it fell into the hands of a abusive ex-partner, a celebrity stalker, or a SIM swapper).
Clearly Facebook has now had some second thoughts about its initial “it’s old data, please don’t think it’s news” approach, and is trying again.
In a blog post Facebook describes what it says are “the facts on news reports about Facebook data”.