Facebook Inc. said data on most of its 2 billion users could have been accessed improperly, giving fresh evidence of the ways the social-media giant failed to protect people’s privacy while generating billions of dollars in revenue from the information.
The company said it removed a feature that let users enter phone numbers or email addresses into Facebook’s search tool to find other people. That was being used by malicious actors to scrape public profile information, it said.
“Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in