Facebook asks users for email passwords, then “accidentally” uploads contacts

Earlier this month, Facebook admitted that it was asking some users who signed up on desktop while using email addresses not supporting the OAuth open standard to give them the passwords to their email accounts—with options to avoid doing so hidden in a “Need Help?” Facebook told Gizmodo via email that in May 2016 it made a revision to the registration process, which originally asked the affected users for permission to upload contact lists. In a statement, the company wrote that it would be notifying the 1.5 million impacted users, as well as deleting any contacts it obtained without their knowledge or consent:
Earlier this month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time.

Source: gizmodo.com