Facebook Has Stored Contacts to 1.5 Million People Without Asking Them

Facebook Inc. announced that a security incident that has exposed a number of Instagram passwords to internal risk was significantly worse than initial expectations, reported Econ.bg

After the company announced in March that a security review has found that "tens of thousands" of Instagram users' passwords have been improperly stored in the form of an easily accessible text file, Facebook Vice President Pedro Canahuati, responsible for security and privacy of personal data, said on Thursday evening that according to latest estimates, "millions" of Instagram users were affected, MarketWatch reported.

Facebook has admitted to accessing and storing the email contacts of as many as 1.5 million of its users without their consent, writes the Verge. 

Business Insider reports that between May 2016 and last month, the social media platform asked some of its new users to verify their email address by providing the password to their email account. After doing so, the users' contacts would be automatically imported, without any option for the user to opt out.

Responding to the report, a Facebook spokesperson told Business Insider that email contacts were "unintentionally uploaded" as part of the process. They said that these contacts had never been shared with anyone, and that the company is now deleting the contacts that were uploaded. Facebook also claims to have fixed the "underlying issue" that led to the problem.


Email verification is a standard practice for online services, but Facebook handled it in a very different way. Usually, when you sign up to a new service you're asked to provide an email address, which then receives an email with a link in it that you have to...

Continue reading on: