[QUFB]

Not much to see? Not noteworthy?

Where could I, or any Internet user, trivially download these details on 533M Facebook users prior to this dump? If nothing else, it seems extremely noteworthy that someone was not only able to obtain the data through scraping or some attack, but has shared with the world.

[i_have_an_idea]

> Where could I, or any Internet user, trivially download these details on 533M Facebook users prior to this dump?

On Facebook. Literally. You can scrape any public profile info. It's against ToS, but it's not illegal (some caveats apply, see the hiQ Labs v. LinkedIn case for more info).

The only noteworthy thing is the phone number vuln. Except that's been known since 2019, so it's certainly not news.

[azeirah]

There's a difference between programming a scraper capable of scraping 500 million records, running it and storing the results without getting caught by Facebook and downloading a file.