Facebook has confirmed that the email contacts it collected from approximately 1.5 million users since May 2016 have been uploaded to the site unwittingly. Those contact lists belong to individuals who were creating a new account with the social media giant.
The company's admission comes after a security researcher called public attention to Facebook's harvesting of the users' email passwords as part of a verification step during signup. After entering the email password, Facebook would then go on importing the users' contact lists without their consent. Of course, this practice goes against the grain of personal data security standards. Facebook is not immediately available for comment as of this writing.
The collected email contacts serve a key role in the social media giant's ad targeting activities and other efforts to suggest friends for users to add on the network. Facebook was quick to clarify that it did not gain access to email content. However, data mishandling of this sort still indicates an oversight where the company's security practices are concerned. Facebook said it has since been removing those uploaded contact lists.
It is not clear for now how many contact emails exactly were uploaded to Facebook's system. The latest privacy misstep is the latest in a spate of scandals that hit the Menlo Park-based internet giant over the past few weeks including the improper storing of user passwords in plain text and a massive data leak of user data by third-party apps.
Source: Business Insider