Shopov bought the data, which contained full names, email addresses and Facebook profile URLs, checked it over, and discovered that some of the data is accurate and that some of his friends' data is also there.
After making the discovery public on his blog, he says that he was contacted by Facebook. In a (recorded) phone call, they asked him to forward the data then delete the file in his possession, name the website from which he bought it, remove "a couple of things from your blog," and keep the fact that they had the conversation secret.
"I agreed to send them the data and the website of course, for that was my purpose, he shared later. "I asked if it was possible to tell what the problem was, after they finished the investigation, so that the users could protect themselves, but they they emphasized that it would be an internal investigation and they would not share any information with third parties."
He obviously didn't heed the request on keeping mum about the conversation.
"Facebook is vigilant about protecting our users from those who would try to expose any form of user information. In this case, it appears someone has attempted to scrape information from our site and combine the information with data publicly available elsewhere on the web," Facebook commented the situation for ars technica.
"We have dedicated security engineers and teams that look into, and take aggressive action on reports just like these. In addition to the engineering teams that build tools to block scraping we also have a dedicated enforcement team that seeks to identify those responsible for breaking our Terms and works with our Legal team to ensure appropriate consequences follow. We continue to investigate this specific individual."
According to Shopov, the offer of the data was accompanied by an explanation that it contained only information about active users mostly from the US, Canada, UK and Europe, and that it was collected through a number of Facebook apps. The seller claimed to be an online marketer.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.