According to Facebook, malicious actors obtained the personal information on the affected 553 million users not by breaking into its systems, but rather by scraping the data from its website. Facebook believes that the scraping was carried out using a flaw in its address book contacts import feature.

Read full article on SiliconANGLE