Facebook will not alert affected users of the data leak |
A Facebook spokesperson said: More than 530 million users who were affected by a data breach prior to 2019 cannot be notified due to abuse of a recently announced feature in the database. There is no plan currently.
Last week, Business Insider reported that phone numbers and other details can be found on user profiles in public databases.
Facebook said in a blog post: Before September 2019, malicious participants had collected data profiles using vulnerabilities in the platform's contact sync tool.
A Facebook spokesperson stated that the social media company is not convinced that it will be fully visible to users who need to be notified.
He said: It is also believed that if users choose not to notify users, they will not be able to fix the problem and reveal the data to the public, and Facebook addressed the vulnerability after identifying the problem at this point.
He added: The stolen information does not include financial information, health information or passwords, but the data collected can provide valuable information about violations or other violations.
BuzzFeed News reporter Ryan Mac noted that Facebook's statement conflicts with the company's failure to comment or take legal action against controversial watchdog company Clearview AI for collecting photos from Instagram and Facebook. Instagram and Facebook.
Long investigating how it handles user privacy, Facebook was founded in 2019 and signed a landmark settlement agreement with the United States Federal Trade Commission to investigate allegations of misuse of user data by the company.
The Irish Data Protection Commission is the main regulator of the European Union. Facebook has reported that it has contacted the company about the data protection breach and that it has not received any active contact from Facebook, but has now been contacted.
The US Federal Trade Commission July 2019 Settlement Agreement required Facebook to disclose details of unauthorized access to the data of 500 or more users within 30 days of confirming the incident.