A Facebook spokesperson said on Wednesday that the tech company didn’t notify the more than 530 million users whose personal data was obtained through inappropriate means, further noting that they don’t have the intention to do so either.
Business Insider first reported the data leak which included information about user’s phone numbers, Facebook IDs and names, locations, email, and birthdays.
A Facebook spokesperson told Reuters it also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users.
Facebook told the outlet that the information leak was not inclusive of financial, health data, or passwords.
The collected information, however, could potentially cause valuable data hacks or prompt other mistreatment.
While the information appears to be several years old, but it’s another example of the vast amount of information collected by Facebook and other social media sites, and the limits to how secure that information is.
Facebook has been grappling with data security issues for years. In 2018, the social media giant disabled a feature that allowed users to search for one another via phone number following revelations that the political firm Cambridge Analytica had accessed information on up to 87 million Facebook users without their knowledge or consent.
In December 2019, a Ukrainian security researcher reported finding a database with the names, phone numbers, and unique user IDs of more than 267 million Facebook users—nearly all U.S.-based—on the open internet. It’s unclear if the current data dump is related to this database.
“This is old data that was previously reported on in 2019,” the Menlo Park, California-based company said in a statement. “We found and fixed this issue in August 2019.”
A federal judge approved a $650 million settlement of a privacy lawsuit against Facebook in February for allegedly using photo face-tagging and other biometric data without the permission of its users.
U.S. District Judge James Donato approved the deal in a class-action lawsuit that was filed in Illinois in 2015. Nearly 1.6 million Facebook users in Illinois who submitted claims will be affected.
Donato called it one of the largest settlements ever for a privacy violation.
“It will put at least $345 into the hands of every class member interested in being compensated,” he wrote, calling it “a major win for consumers in the hotly contested area of digital privacy.”
Facebook is also facing legal action in Australia over alleged secret data harvesting.
The Associated Press and Reuters contributed to this report.