Not a week goes without a new Facebook blunder.
Remember the most recent revelation of Facebook being caught asking users new to the social network platform for their email account passwords to verify their identity?
At the time, it was suspected that Facebook might be using access to users’ email accounts to unauthorisedly and secretly gather a copy of their saved contacts.
Now it turns out that the collection of email contacts was true, Facebook finally admits.
In a statement released on Wednesday, Facebook said the social media company “unintentionally” uploaded email contacts from up to 1.5 million new users on its servers, without their consent or knowledge, since May 2016.
In other words, nearly 1.5 million users had shared passwords for their email accounts with Facebook as part of its dubious verification process.
A Facebook spokesperson shared information with Business Insider that the company was using harvested data to “build Facebook’s web of social connections and recommend friends to add.”
The social media giant said the company had stopped this email verification process a month ago and has assured its users that it has not shared those contacts with anyone and that it has already started deleting them.
“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time,” Facebook says.
“We estimate that up to 1.5 million people’s email contacts may have been uploaded. These contacts were not shared with anyone and we’re deleting them. We’ve fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.”
images from Hacker News