Facebook has a long, long record of privacy fails and data scandals, but even by its standards the latest one is a jaw-dropper: the platform has revealed up to 1.5 million Facebook users might have had their email contacts unknowingly uploaded to the site.
The process was unintentional – according to Facebook – and happened when users were prompted for their password as part of a security verification process. It’s been going on since May 2016 but Facebook says its now deleting all the scraped data.