Facebook is taking legal action in response to another large-scale data theft. According to To The record, the social network sued Ukrainian national Alexander Solonchenko for allegedly retrieving data from more than 178 million users. Solontchenko allegedly exploited Messenger’s import contacts feature using an automated tool that mimicked Android devices. It fed Facebook millions of phone numbers and collected data every time the site returned account information with phone numbers.
The attacker reportedly ran the campaign between January 2018 and September 2019 (when Facebook shut down the importer) and started selling it on a black market forum in December 2020. Facebook tracked down Solonchenko after using his username and contact details for email and job boards. The man also recovered data from other targets, Facebook said, including a major Ukrainian bank.
In its complaint, Facebook sought undefined damages as well as bans preventing Solonchenko from accessing Facebook or selling his scraped data.
This is not the biggest incident of this kind. Hackers have recovered data from 533 million users through the same feature. However, it illustrates Facebook’s determination to crack down on data scraping – it is prepared to prosecute attackers in civil court in the hopes of deterring similar data looting campaigns.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through any of these links, we may earn an affiliate commission.