Earlier this week Facebook was found asking newly signed up users to provide their passwords for their email to verify their account.
Now Facebook has admitted it has collected email contacts of 1.5 million users without their permission.
If the users enter their email password, all the contacts in the email were imported without asking users consent.
Facebook said in a statement that they “unintentionally” uploaded email contacts from up to 1.5 million new users on its servers since May 2016 without user consent or knowledge.
According to Business Insider who spoke with Facebook spoke person, the company was using this data to “build Facebook’s web of social connections and recommend friends to add.”
Facebook stopped this email verification process a month ago and said that none of the harvested email contacts was shared with anyone and has already started deleting them.
“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time.”
“When we looked into the steps people were going through to verify their accounts we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account,” said in the statement Facebook spokesperson.
Facebook said they have fixed the issue and started to notify users whose contacts were imported.
Users can also review and manage the contact they shared with Facebook in their settings.
Facebook Stored Millions Not Thousands of Users Passwords in Plain Text
Last month Facebook revealed that mistakenly stored the passwords of hundreds of millions of Facebook and tens of thousands of Instagram users in plaintext for years.
Now Facebook has updated the statement saying that they discovered addition log of Instagram passwords stored in a readable format which has increased estimate number of impacted Instagram users from tens of thousands to millions.
Facebook also assured that in the statement these passwords were not improperly accessed or abused.
Facebook has been in the limelight for a year with many controversies and issues.
Earlier this month researchers found personal records of more than 540 million Facebook users unprotected on Amazon cloud servers.
You may be interested in reading:Researchers Discovered New Victim of Powerful Triton Malware