Facebook unintentionally uploaded 1.5 million users’ email contacts
This, according to Facebook, happened following a design change almost two years ago, and the company was now in the process of deleting them.
The world’s biggest social network on Wednesday, said the issue began three years ago when it made changes to the step-by-step verification process users go through when signing up for an account on the platform.
Prior to those changes, users were given the option to upload their email contact lists when opening an account to help them find friends already on Facebook.
But in May 2016, Facebook removed language that explained users’ contact lists could be uploaded to the company’s servers when they signed up for an account. This meant that in some cases people’s email contact lists were uploaded to Facebook without their knowledge or consent.
A Facebook spokesperson said the firm did not realize this was happening until April of this year, when it stopped offering email password verification as an option for people signing up to Facebook for the first time.
“When we looked into the steps people were going through to verify their accounts, we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account,” the spokesperson added.
The company said the mistakenly uploaded contact lists had not been shared with anyone outside of Facebook.
The news was first reported by Business Insider on Wednesday.
The incident is the latest privacy issue to rock Facebook, which has more than two billion users globally. Over the last 18 months these have included the Cambridge Analytica data scandal and the biggest security breach in its history.
Facebook Chief Executive Officer, Mark Zuckerberg has responded to criticism by promising to introduce more privacy-focused measures on the platform, such as encrypted messaging and better data security.