Facebook has removed a number of accounts and pages that advertised the personal information of dozens of people, including Social Security numbers, addresses, phone numbers and credit card numbers.
“Posts containing information like Social Security numbers or credit card information are not allowed on Facebook, and we remove this material when we become aware of it,” a Facebook spokesman said, according to Reuters.
The social media company’s move comes after a report by news website Motherboard.
But Reuters pointed out that a Google search still turns up a few public Facebook posts offering to sell personal details.
The Motherboard report says that hackers have been advertising databases of private information on Facebook for years. Motherboard was even able to confirm the first four digits of the Social Security numbers, names, addresses and dates of birth for four people whose data appears in a post from July 2014.
Matt Mitchell, a digital security trainer, told the news site that Facebook has no excuse for allowing these posts to remain on the site for so long. In fact, he says it should be “easy” for the social network to stop and prevent these posts.
“On their end, it’s pure laziness to wait for an abuse report to stop posts that are following a doxing template,” he said.
This is more negative press for the social media giant, who is still dealing with the fallout from the revelation that 87 million users may have had their data shared with controversial political firm Cambridge Analytica.
Soon after, the company announced that “malicious actors” were able to use search tools to discover the identities and collect information on most of its two billion users worldwide.
Then just last week, journalist Brian Krebs filed a report on almost 120 private discussion groups of more than 300,000 members on Facebook that promoted illegal activities, including spamming, wire fraud, account takeovers and phony tax refunds.
Facebook deleted the groups, with the biggest collection being those promoting the sale and use of stolen credit and debit card accounts, and the second offering information on accounts for sites such as Amazon, Google, Netflix and PayPal.