Photo: Avishek Das/SOPA Images/LightRocket via Getty Images
A database of more than 419 million phone numbers taken from Facebook public profiles was accessible on the internet without any security, though it is now removed, reports TechCrunch.
The big picture: The database appears to have been compiled by an unknown group, taking advantage of users that kept their phone numbers in public profiles. Facebook stopped including phone numbers in public profiles last year.
Details: Researcher Sanyam Jain discovered the database and worked with TechCrunch to find a responsible party to secure the information from public view. While the database's owner could not be determined, the web host took the data down.
- The database included 133 million Facebook users based in the U.S.
- Though the collection of data had to have been compiled before Facebook removed phone numbers from profiles, TechCrunch found that the phone numbers still worked.
Why it matters: There's no evidence the document was discovered by a malicious party before the data was scrubbed from the web. But a massive list of phone numbers would make several forms of mischief easier.
- That might include spam phone calls or hackers leveraging the numbers to take over accounts using a technique known as SIM swapping.
Go deeper... Report: Facebook ties names to authentication phone numbers