Bulgarian blogger Bogomil Shopov wrote Tuesday that he had purchased a spreadsheet containing 1.1 million Facebook user IDs and email addresses for $5. The data was allegedly scraped by third-party applications and offered for sale on a website called Gigbucks by a user named “mertem.†Shopov verified that the emails did correspond to the Facebook user IDs, most of them private. He had even identified people he knew in the list. The next day, he was contacted by Facebook’s Platform Policy Team. “Hi Bogomil, We’d like to set up a call with you to discuss a recent blog post of yours. Could you please provide a time and a phone number that works with your schedule? Thanks, Platform Policy Team Facebook†According to Shopov, Facebook wanted to reclaim the data and investigate the leak and sale (clear violations of the network’s terms of service), but their discussion was somewhat cloak and dagger. He summarized the exchange in a subsequent blog post — the exact thing Facebook asked him not to do. “Now we would like you to send us this file, delete it, tell us if you have given a copy of it to someone, give us the website from which you bought it including all transactions with it and the payment system and remove a couple of things from your blog. Oh and by the way, you are not allowed to disclose any part of this conversation; it is a secret that we are even having this conversation.†Shopov confirmed these events to Mashable, and elaborated on his dealings with Facebook. He has spoken to them again since his latest post. “I had a call with them last night [about] why I am writing those things on my blog,†Shopov tells Mashable in an email. “They didn’t mean to leave this impression on me, and we agreed on how to transfer the data to them. I gave them the data today via their secure system. I promised to delete the data, and I did.†Shopov shared this screenshot of the secure data transfer back to Facebook. “[The seller] said the data came from a Facebook app, and I can believe that, because we checked a couple of profiles and there was no e-mail address present. This info cannot be scraped from the Facebook website,†Shopov explains. While the seller’s listing for the data has been removed by Gigbucks, you can view a Google cached version here. Shopov also forwarded the text of an email he received from “Josef†at Gigbucks, explaining that this listing was in clear violation of their terms. “Hi, I am the admin of Gigbucks and wanted to let you know that we have deleted the Facebook profiles from our server as well as banned the user account “mertem†for violating our terms and conditions that clearly state that such thins may not be offered on Gigbucks. We manually approve each gig and I don’t know how this one slipped through the crack. I apologize and we will take steps to improve our gig reviewing process to make sure such things will never be posted on Gigbucks again. Please let me know if there is anything else that we can do.†At the time of this writing, Facebook has not responded to our request for comment. UPDATE: A Facebook representative has responded to our request for comment: “Facebook is vigilant about protecting our users from those who would try to expose any form of user information. In this case, it appears someone has attempted to scrape information from our site. We have dedicated security engineers and teams that look into and take aggressive action on reports just like these. We continue to investigate this specific individual.†## Mashable.com October 26, 2012 by Matt Silverman http://mashable.com/2012/10/26/facebook-user-emails-5-dollars/
Please tell me he at least got FB to pay him a decent amount of $ for cooperating. Otherwise he's a moron. Given whoever was selling this for 5 bucks a pop you can bet a few hundred or so mailers probably own that list now. I like how FB thinks they can talk to people - "we want you to bend over, put your lips on your own asshole and start sucking". Not even a please or thank you. Satanic bastards...
“[The seller] said the data came from a Facebook app, and I can believe that, because we checked a couple of profiles and there was no e-mail address present. This info cannot be scraped from the Facebook website,†Shopov explains. I think the lesson here is clear. Don't use FB apps :33:
