Facebook's latest blunders affected contacts and passwords for millions of users

Image credit: TechRadar

Facebook has a long, long record of privacy fails and data scandals, but even by its standards the latest one is a jaw-dropper: the platform has revealed up to 1.5 million Facebook users might have had their email contacts unknowingly uploaded to the site.

The process was unintentional – according to Facebook – and happened when users were prompted for their password as part of a security verification process. It's been going on since May 2016 but Facebook says its now deleting all the scraped data.

On top of that, the shoddy password storage techniques used by Facebook that we reported on last month have in fact affected millions of Instagram users – not the "tens of thousands" that Facebook initially said.

In this case passwords were being stored in plain text, easily visible by Facebook engineers and developers. The passwords weren't leaked outside of Facebook, but the practice should still ring alarm bells – and again, Facebook has promised to fix it.

Keep up at the back

In summary, the plain text password fail of last month affected more Instagram users than we thought, and Facebook has also been uploading our contact lists without permission.

Still, Facebook promises to do better in the future, so there's that to hold on to. And a dark mode feature is rolling out in Facebook Messenger to distract you from all the ways that your data is being improperly handled.

At this point it seems Facebook is lurching from one scandal or gaffe to the next, without any real sign of permanently changing its ways. Meanwhile users are switching to other services – though admittedly many of them are also owned by Facebook.

Facebook boss Mark Zuckerberg seems keenly aware that the social media landscape is changing, and has said the platform will move towards more private sharing in the future. Let's hope our data stays private too.

Via Ars Technica

David Nield
Freelance Contributor

Dave is a freelance tech journalist who has been writing about gadgets, apps and the web for more than two decades. Based out of Stockport, England, on TechRadar you'll find him covering news, features and reviews, particularly for phones, tablets and wearables. Working to ensure our breaking news coverage is the best in the business over weekends, David also has bylines at Gizmodo, T3, PopSci and a few other places besides, as well as being many years editing the likes of PC Explorer and The Hardware Handbook.