Millions of Facebook user accounts has been leaked by a server found to be unprotected online according to TechCrunch.

With this particular server it had an approximate amount of 419 million users records. It is said that those affected in the U.S. were about 133 milion while 18 million of those records were affected by people in the UK. Vietnam had around 50 million users affected. 

Because this server was unsecured, anyone who had access to the internet could obtain those records since no password was needed to login to the server.

All the records compromised had the users unique ID which in turn someone could see the Facebook username. Not only that, there were phone numbers associated with the users accounts. One could also see the username that was used also the gender of that person as well as country.

Facebook gave a statement to TechCrunch letting them know that the records on the server were from an old dataset. To be clear the company precisely said information was obtained ahead of Facebook’s changes. These changes were to remove any public access which associated users phone numbers to their accounts. 

A spokesperson for Facebook has clearly informed that no evidence exists that these accounts were compromised when the dataset had been taken down.

Reporters from TechCrunch verified the data they had obtained from the server to correlate those records to the Facebook user accounts. By using Facebook’s password reset tool, they were able to verify other records that had shown part of a phone number. 

As of yet, it hasn’t been verified who owns the server nor where it is housed. This particular server had been taken down when TechCrunch reportedly contacted the hosting company. Also, the data that was scraped from Facebook no one knows how or why. 

A security researcher by the name of Sanyam Jain had discovered the exposed server which at the time he was able to obtain several celebrities phone numbers.

As Facebook has clearly stated there is no evidence any user accounts were vulnerable at the time of the exposure. However, the dataset in existence most likely poses some risk for users involved. 

This just goes to show that unprotected data can get exposed and into the hands of the wrong people. It is very vital that using very strong passwords can help protect one’s data from getting discovered.