Facebook said it has “unintentionally uploaded” 1.5 Million Users Email Account and it is now deleting them.
Previously, the Facebook was asking to enter the passwords of users email account while creating a new Facebook account, noticed by security researchers.
About 1.5 million users shared their passwords for their email accounts since May 2016.
A Twitter handled e-Sushi (Cyber security expert) noticed,
Hey @facebook, demanding the secret password of the personal email accounts of your users for verification, or any other kind of use, is a HORRIBLE idea from an #infosec point of view. By going down that road, you’re practically fishing for passwords you are not supposed to know! pic.twitter.com/XL2JFk122l
— e-sushi (@originalesushi) March 31, 2019
Facebook issued a statement to Business Insider,
“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time.”
“When we looked into the steps people were going through to verify their accounts we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account.”
“We estimate that up to 1.5 million people’s email contacts may have been uploaded. These contacts were not shared with anyone and we’re deleting them.”
“We’ve fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.”
Facebook Also Confirmed the issue.
A Facebook Spokeperson has confirmed to Rob price (A Business Insider news Editor) the harvested contacts weren’t just used to recommend friends to users — the data was also utilised to “improve ads.”
Day by day the Facebook crises is rising, also many users and companies have deleted their accounts from Facebook due to the privacy issue.
How to protect your account?
- Do not share your email password to Facebook
- Keep change your password time by time
- Use unique style password.
- Do not use other account password for Facebook account.
- Use 2FA Authentication
- Do not click unknown link or attachment through email
- Be Safe Online
Previously leaked Facebook timeline as follow-
- Bug In Facebook Messenger To Allowed Websites To Access User Data
- Facebook shared your data to Tech Firm.
- Facebook caught over it data privacy policies.
- According to NYT report there are more than 150 Tech firms can access your Email Address and private messages.
- “View As” feature Bug allowed to steal secret access token for more than 50 million accounts. Facebook had temporarily turning off the feature for security purpose.