Facebook says it 'unintentionally' saved contacts of 1.5 million users
Earlier this month, a security researcher reported that Facebook had asked some users to share the password of their emails to complete sign-up for the social network. The practice was widely condemned by security experts, but now, Business Insider reports that the company also used this access to harvest the contacts of as many as 1.5 million people, 'unintentionally'. Here are the details.
Facebook sought password for verification
When new users signed-up on Facebook, the social network prompted them to enter the password for the email they used as part of a verification step. However, when users did so, the company displayed a pop-up of importing contacts. It wasn't immediately clear what this message meant, but now, the company has admitted it accidentally uploaded contacts of those email accounts this way.
Contacts from 1.5 million email accounts stored
Speaking to Business Insider, a spokesperson from Facebook said they accidentally uploaded email contacts of as many as 1.5 million people who signed up on the service since May 2016. The contacts were taken without any consent from these people, stored on Facebook's servers, and used for suggesting them friends on the service. It's not clear if targeting was also done using this information.
Here's what Facebook's spokesperson said on the matter
"We found that in some cases people's email contacts were also unintentionally uploaded to Facebook when they created their account. We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we're deleting them."
Facebook is also notifying affected users
As part of its efforts to contain the matter, Facebook has also said that it has fixed the issue and would notify the users who accidentally had their information uploaded on the service. The social networking giant also says that it has stopped "offering email password verification as an option for people verifying their account when signing up for Facebook for the first time".
Another bad case for Facebook
Now, this makes another bad case that would make people skeptical of Facebook's data collection/storage practices. The company has had a tough time protecting the data of its users, thanks to bugs, breaches, leaks et al. And if it fails to get a grip over these issues, it won't be long before a major chunk of Facebook users would lose trust in the company.