Hundreds of millions of phone numbers linked to Facebook accounts were found online.
The exposed server contained more than 419 millions of files in various databases for users from different geographies: 133 millions of Facebook users in the US, 18 millions of users in the UK and more than 50 millions of users in Vietnam.
This server was not password protected, so anyone could access the huge database.
Each entry contained the unique Facebook user ID and phone number listed on the account. A user's Facebook ID is usually a long, unique, public number associated with their account, which can be easily used to identify an account's username.
However, the phone numbers have not been public for more than a year, as Facebook restricts access to users' phone numbers.
Some of the files also contained the user's name, gender and geographical location by country.
This is the latest data leak from Facebook after a series of incidents starting with its scandal Cambridge Analytica, which exposed more than 80 million profiles.
Since then, the company has seen many high profile violations.
This latest incident exposed millions of users' phone numbers only from their Facebook IDs, putting them at risk of spam and attacks SIM replacement.
This attack deceives the target cell phone company, and changes its phone number. With the new phone number, the attacker can reset the password to any Internet account associated with that number.
Sanyam Jain, a security researcher and a member of the GDI Foundation, found the database and contacted with TechCrunch after failing to find the owner.
After researching the data, Jain said he found profiles with phone numbers of several celebrities.
The researcher said he pulled the database off the internet on his own after not finding the owner.