A company spokesman said Wednesday that Facebook Inc. had not notified more than 530 million users whose details had been obtained through a feature abuse before 2019 and had recently been made public in a database and that There are currently no plans to do so, a company spokesman said Wednesday.
Business Insider reported last week that more details from phone numbers and user profiles were available in the public database. Facebook said in a blog post on Tuesday that the “dangerous actors” obtained the data by “scratching” the profile, using vulnerabilities in the platform’s tools to sync contacts before September 2019.
A Facebook spokesperson said the social media company was not convinced it had the full vision that would require users to be notified. He said it was also important to keep in mind that users could not resolve the issue and that data was publicly available in the decision not to inform users. Facebook says it plugged in the hole after identifying a time problem.
The bad information did not include financial information, health information, or passwords, Facebook said. However, the collected data can provide important information for hacking or other abuses.
Facebook, which has long been investigating how it handles consumer privacy, filed a lawsuit with the US Federal Trade Commission in 2019 alleging that the company had misused user data. Significant agreement reached.
The European Union’s lead regulator for Facebook, Ireland’s Data Protection Commission, said on Tuesday it had contacted the company about the data leak. It said it had “received no active communication from Facebook” but had now been contacted.
For the July 2019 FTC settlement, Facebook requires that details of unauthorized access to the data of 500 or more users are reported within 30 days of an incident is confirmed.
A Facebook spokesman declined to comment on the company’s interactions with regulators but said it was in contact to answer their questions.