Facebook has mistakenly collected about 1.5 million email addresses at the time of registration of new users but without asking for consent for use. The news is reported by Business Insider, which found the beginning of this accumulation of e-mail addresses from May 2016.
A security researcher discovered after having noticing that the network asked some users to provide both an email and the corresponding password to verify their identity at the same time while opening a new account. When entering information, contacts were automatically imported for use for targeting and suggestions.
Following this the company has acknowledged the mistake. However, Facebook said that the mechanism came from an old system to evaluate the user experience, which was replaced in May 2016.
“Last month we stopped offering email password verification as an option for people who verified their account when they signed up for Facebook.”
“When we looked at the steps people were taking to verify their accounts, we found that in some cases people’s email contacts were unintentionally uploaded to Facebook when they created their account,” a company spokesman explained.
The network wanted to be reassuring by stating that the contacts privacy is the priority of the company, although they remained on the servers internally.
About 1.5 million users would be affected by this computer error, said the US group to Reuters in a statement, stating that this data was not shared with third parties and that they have removed them from the servers as well.
In addition, the affected users have been informed of the error or will it be any time soon. As during the piracy of September, it is possible to check if his account was touched via the settings of the latter.
A number of privacy issues affected Facebook, including a problem that mistakenly allowed employees to see the passwords of millions of users stored in readable format on their internal systems. In the long series of scandals and mistakes, Facebook has marked another one.