Facebook Inc said on Wednesday it may have unintentionally uploaded email contacts of 1.5 million new users on the social media site since May 2016.

The contacts were not shared with anyone and the company is deleting them, Facebook told Reuters in a statement, adding that users whose contacts were imported will be notified.

Business Insider had earlier reported that the social media company harvested email contacts of the users without their knowledge or consent when they opened their accounts.

Facebook has been hit by a number of privacy-related issues, including a glitch that exposed passwords of millions of users stored in readable format within its internal systems to its employees.

Last year, the company came under fire following revelations that Cambridge Analytica obtained personal data of millions of people’s Facebook profiles without their consent.

 In a statement, a Facebook spokesperson said:

"...we found that in some cases people's email contacts were also unintentionally uploaded to Facebook when they created their account. We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we're deleting them."

It is contacting people who had their contacts uploaded, but it's yet another privacy issue for a company that has had a long string of them over the last couple of years. It still doesn't explain why the "email password verification" for non-OAuth-linked providers was ever implemented before it stopped using the method last month, and provides even more justification for those skeptical of the company's practices and promises.

 
• Facebook
 
• privacy
 
• social_media