Zuckerberg says most Facebook users should assume they have had their public info scraped

Authored by cnbc.com and submitted by goyabean
image for Zuckerberg says most Facebook users should assume they have had their public info scraped

The company said earlier in a post from Facebook's chief technology officer, Mike Schroepfer, that most Facebook users "could have" had their public profile scraped.

In a section discussing search and account discovery features, Schroepfer said this:

"Until today, people could enter another person's phone number or email address into Facebook search to help find them. This has been especially useful for finding your friends in languages which take more effort to type out a full name, or where many people have the same name. In Bangladesh, for example, this feature makes up 7% of all searches. However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we've seen, we believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature. We're also making changes to account recovery to reduce the risk of scraping as well."

In the call with media Wednesday, Zuckerberg clarified further. "It is reasonable to expect... someone has accessed your information in this way," he said.

This news is in addition to Facebook's claims that political analytics firm Cambridge Analytica gained access to data from as many as 87 million Facebook users. Media reports had previously placed the number at more than 50 million.

— CNBC's Michelle Castillo and Chloe Aiello contributed to this report.

Wdeflect on April 5th, 2018 at 00:17 UTC »

Reminder: your more important information was stolen from Equifax.

roscocoltrane on April 4th, 2018 at 22:02 UTC »

"We became billionnaires by accident."

Kilofix on April 4th, 2018 at 20:43 UTC »

Just a clarification:

Scraped data (off what is publicly available on screen) is a common way of (legally) gathering information done by many different applications and companies against many sites (not just FB but news sites, etc.).

Harvesting what should be protected (not publicly available) data through the use of an application and / or misleading terms of conditions is a whole different thing.

Edit - Some have responded that public scraping of data may indeed be against US Terms of Service. I haven’t verified it myself but thought I should mention it in the OT. Others say that isn’t the case as that’s essentially what bots from search sites like Google do.

Yet others have said that while public data may be ok, some information is only for “friends” and this search may misrepresent that.