Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent - MacRumors
Skip to Content

Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent

by

Facebook harvested the email contacts of 1.5 million users without their knowledge or consent and used the data to build a web of their social connections, it emerged today. Business Insider reports that Facebook began collecting the contact lists in May 2016 when new users opened a new account on the social network.

facebook email contacts uploaded

Image via Business Insider

The harvesting occurred when users were offered email password verification as an option to verify their identity when signing up to Facebook, a method widely condemned by security experts. In some cases if users did enter their password, a pop-up message would appear informing them that it was "importing" their contacts, without even asking their permission to do so.

These contacts were then fed into Facebook's database systems and used to build a map of users' social links and inform recommended friends on the social network. It's not clear if the data was also used for ad-targeting purposes.

In a statement given to Business Insider, the company said that these email contacts had been "unintentionally uploaded" to Facebook when users created their account.

It also said that prior to May 2016, it offered an option to verify a user's account and voluntarily upload their contacts at the same time. However, the feature was changed and the text informing users that their contacts would be uploaded was deleted, but the underlying functionality was not. Facebook says at no point did it access the content of users' emails.

We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we're deleting them. We've fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.

The news is just the latest addition to a long list of privacy blunders and violations by Facebook. In March, for example, it emerged that between 200 and 600 million Facebook users may have had their account passwords stored in plain text in a database accessible to 20,000 Facebook employees. Some Instagram passwords were also included.

That was followed earlier this month by news that cybersecurity researchers had discovered millions of Facebook records publicly accessible on Amazon's cloud servers, after the data was uploaded by third-party companies that work with Facebook.

In yet another development just this week, over 4,000 pages of documents from 2011 to 2015 were leaked which provide insight into how Facebook took advantage of user data while publicly promising to protect user privacy before and after its 2015 move to end broad access to user data.

Tags: Apple Privacy, Facebook

Top Rated Comments

LewisChapman Avatar
LewisChapman
92 months ago
Facebook saying they will ‘delete the harvested email addresses’ is like me saying I’ll put away this pack of biscuits after this last one.
Score: 27 Votes (Like | Disagree)
iPhysicist Avatar
iPhysicist
92 months ago
DELETE Facebook already. What on earth keeps this thing alive?! Every other "social" media would be dead by now.
Score: 26 Votes (Like | Disagree)
macfacts Avatar
macfacts
92 months ago
Why hasn't Tim removed the FB app from the store?
Score: 15 Votes (Like | Disagree)
Adam Warlock Avatar
Adam Warlock
92 months ago
This sort of thing keeps happening because there are no real consequences. A million-dollar fine per e-mail address would change things very, very quickly IMO.
Score: 13 Votes (Like | Disagree)
0815 Avatar
0815
92 months ago
Not surprised... they are not trustworthy.

But as long as people stay with them nothing will change.
Score: 8 Votes (Like | Disagree)
4
44267547
92 months ago
Facebook definitely has its share of ongoing problems, it’s unfortunate what it’s become over the years, especially when it doesn’t value the users privacy in mind, even when they claim too. And in today’s digital era of the Internet, privacy is crucial, and Facebook has failed on many levels. (Proud to say I’ve never had a Facebook account and now I’m glad I never did.)
Score: 6 Votes (Like | Disagree)
Read All Comments

Popular Stories

apple lock security bug vulnerability fix privacy

Apple Warns Canada's Bill C-22 Could Force Encryption Backdoors

Friday May 8, 2026 4:22 am PDT by
Apple and Meta have opposed a Canadian bill that the companies say could force them to create backdoor access to encrypted user data, should it pass through the country's parliament. Proposed by Canada's ruling Liberal Party, Bill C-22 contains provisions that could be similar ​to a UK data access provision order sent to Apple last year, depending on how they are implemented. Back in Feb...
Read Full Article80 comments
Apple Event Logo

Apple's Next Era Begins September 1

Thursday May 7, 2026 10:36 am PDT by
Apple recently announced that Tim Cook will be stepping down as CEO later this year, after 15 years of leading the company. Effective September 1, Apple's hardware engineering chief John Ternus will become the company's next CEO, while Cook will become executive chairman of Apple's board of directors. In his new role, Apple said Cook will assist with "certain aspects" of the company,...
Read Full Article
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching in September With These 10 New Features

Saturday May 9, 2026 6:03 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article