Click to Skip Ad
Closing in...

Facebook accidentally exposed over 400 million user records, but hey, at least they have a new dating app

Published Sep 5th, 2019 11:44AM EDT
facebook phone number leak
Image: Richard Drew/AP/Shutterstock

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Oh Facebook, you just can’t seem to stop tripping over your own big, dumb feet, can you?  Today, the world’s largest social network and noted privacy destroyer is introducing a brand new product to the United States. It’s a dating app that aims to take on the likes of Tinder and Bumble, and while it’s been rolling out to a number of countries since late last year, you probably won’t need to rely on it if you’re looking to meet new people.

Why? I’m so glad you asked! You see, that new Facebook feature that is designed to connect you with people you might not already know completely pales in comparison to the wealth of personal information the social network somehow leaked and was recently found on an unprotected server. Why wait for Facebook Dating to connect you with someone new when the company accidentally allowed the user records of over 419 million people to be posted online?

The leak, reported by TechCrunch, contains the information of hundreds of millions of individuals from around the globe, including 133 million records on users from the United States and 18 million records from users in the UK. It was discovered by security researcher Sanyam Jain, though nobody knows who owns the server or how they came into possession of such a huge amount of Facebook’s user data.

The records included Facebook’s numerical ID for each account — making it trivial to determine which record belongs to which specific user on the social network — as well as the phone number associated with them. The server this data was being stored on had zero security features, meaning that anyone with a working internet connection could browse hundreds of millions of accounts and phone numbers.

Facebook offered a statement following the server’s discovery, claiming that the “data set is old” and that it was likely stored before Facebook restricted the ability to find Facebook users based on their phone numbers. Calling it “old” seems like a bit of a stretch considering that most people don’t change their phone numbers on a yearly basis.

The server was taken offline after Jain contacted the host, but at this point, it’s unclear how long the information was stored there or how many people may have accessed it while it was publicly available.

Facebook Dating should be available to all users in the U.S. today, but hey, maybe take a moment to consider how much personal information you’re revealing to a service that clearly can’t patch its own gaping holes.