Facebook “unintentionally” uploaded the email contacts of more than 1.5 million users without asking permission to do so, the social network has admitted.
The data harvesting happened via a system used to verify the identity of new members,
Facebook asked new users to supply the password for their email account, and took a copy of their contacts.
Facebook said it had now changed the way it handled new users to stop contacts being uploaded.
All those users whose contacts were taken would be notified and all the contacts it had grabbed without consent would be deleted, it said.
The information grabbed is believed to have been used by Facebook to help map social and personal connections between users.