Hundreds of millions of phone numbers linked to Facebook accounts were found online.
The exposed server contained more than 419 million files in various databases data for users from different geographies: 133 million Facebook user records from the US, 18 million users from the UK, and more than 50 million records from users in Vietnam.
This particular server was not password protected, so anyone could access the huge base data.
Each entry contained the unique Facebook user ID and phone number listed on account. A user's Facebook ID is usually a long, unique, public number associated with their account, which can be easily used to identify an account's username.
However, the phone numbers have not been public for more than a year, as Facebook restricts access to users' phone numbers.
Some of the files also contained the user's name, gender and geographical location by country.
This is the latest data leak from Facebook after a series of incidents starting with its scandal Cambridge Analytica, which exposed more than 80 million profiles.
Since then, the company has seen many high profile violations.
This latest incident exposed millions of users' phone numbers only from their Facebook IDs, putting them at risk of spam and attacks SIM replacement.
This attack deceives the target cell phone company, and changes its phone number. With the new phone number, the attacker can reset the password to any Internet account associated with that number.
Sanyam Jain, researcher better safetys and a member of the GDI Foundation, found the database and contacted with TechCrunch after failing to find the owner.
After researching the data, Jain said he found profiles with phone numbers of several celebrities.
The researcher said he pulled the database off the internet on his own after not finding the owner.