A massive data leak from Facebook has exposed the names, personal IDs, and phone numbers of 267 million users — most of them American — on the dark web, according to reports.

The data dump was discovered by a cybersecurity firm, Comparitech, together with security researcher Bob Diachenko. The team found that 267,140,436 Facebook users had their personal information exposed.

The data was found on an unsecured database on the “dark web,” the part of the internet that is inaccessible via regular browsers and is not indexed by search engines. According to the report, the data was publicly available for two weeks.

Via the Daily Mail:

The IDs, phone numbers and full names of 267 million users, most of which reside in the US, were discovered on an unsecured database on the dark web. Although it is not yet clear how the sensitive information was exposed, experts speculate the database was compiled through an illegal process called ‘scraping’ – where automated bots copy public information from Facebook profiles. Access to the database has since been removed, however, the records were available to anyone online for two weeks before the leak was discovered. The security breach follows a massive leak in September in which more than 400 million user phone numbers were exposed.

In a statement to the Daily Mail, a Facebook representative tried to reassure the public that the leak occurred before new security measures had been put in place.

“We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people’s information,” said the Facebook rep.

Are you an insider at Facebook, YouTube, Google, Reddit or any other tech company who wants to confidentially reveal wrongdoing or political bias at your company? Reach out to Allum Bokhari at his secure email address allumbokhari@protonmail.com.

Allum Bokhari is the senior technology correspondent at Breitbart News.