Facebook on Tuesday (Apr 6) said a recently reported data leak affecting potentially 530 million users in September 2019 stemmed from the misuse of its contact importer function and that it had plugged the hole after identifying the problem at the time.
Business Insider reported last week that phone numbers and other details from user profiles were available in a public database.
Facebook said "malicious actors" had obtained the data prior to September 2019 by "scraping" profiles using a vulnerability in the network's tool to sync contacts. The company said it identified the issue at the time and had modified the tool.
"As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists," Facebook said in a blog post.