Facebook revealed Wednesday that as many as 87 million users may have had their personal data shared with Cambridge Analytica. But according to Mark Zuckerberg, it doesn’t stop there.
In an interview, Zuckerberg admitted most of Facebook’s 2.13 billion users can “assume” their data’s been scraped thanks to a widely used Facebook apps search feature.
I think the thing people should assume — given this is a feature that’s been available for a while, and a lot of people use it in the right way, but we’ve also seen some scraping — I would assume if you had that setting turned on that someone at some point has accessed your public information in this way
Because this feature, by default, was set to “On”, unless you turned it off, your account’s been vulnerable. According to Facebook, the feature has now been disabled.
Until today, people could enter another person’s phone number or email address into Facebook search to help find them. This has been especially useful for finding your friends in languages which take more effort to type out a full name, or where many people have the same name. In Bangladesh, for example, this feature makes up 7% of all searches.
However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature. We’re also making changes to account recovery to reduce the risk of scraping as well.
Is Your Facebook Information Safe?
Starting April 9, Facebook will post notices at the top of users newsfeeds if their information may have been shared with Cambridge Analytica. All users will be provided a link at the top of their feeds to see the apps they use, review the information they share with those apps and steps to edit them.