New York (CNN Business) A feature that Facebook shut down in the wake of last year's Cambridge Analytica scandal came back to haunt it on Wednesday, when it emerged that hundreds of millions of Facebook users' phone numbers had been found in an unprotected online database.

Facebook FB Millions of Americanusers' phone numbers are believed to be among those found. Facebook said there is no evidence that any accounts were compromised. Even so, the latest discovery is a reminder that even new, stricter security policies can't necessarily address past data leaks or abuses.

Until April 2018, people could enter another person's phone number to find him or her on Facebook. The company shut down the feature in the weeks after the Cambridge Analytica scandal broke because it found "malicious actors" had abused the feature to gather public information on Facebook users, a process known as scraping.

"Given the scale and sophistication of the activity we've seen, we believe most people on Facebook could have had their public profile scraped in this way," Mike Schroepfer, Facebook's chief technology officer, wrote at the time.

On Wednesday, almost 18 months after Facebook shut down the feature, TechCrunch reported that a security researcher had found the records of more than 400 million Facebook accounts, including phone numbers, resting in an unprotected database online.

Read More