Phone numbers linked to over 400 million Facebook accounts were recently found on an online server that was not password-protected, according to a TechCrunch report on Wednesday.

On Thursday, Facebook said the data set contained duplicate entries and that the official number of exposed phone numbers totaled around 220 million.

That information, according to the report, included users' Facebook IDs (which are strings of numbers used by the company to uniquely identify an account) and the associated phone number for each account.

Some records also included the user's name, gender, and country in which they resided.

The issue, a Facebook spokesperson told Business Insider on Wednesday, stemmed from a feature, which has since been shut down, that allowed users to search for friends by their phone numbers. Third parties could have used that feature to harvest the information.

The databases have since been pulled offline after the web host was contacted, TechCrunch said.

Visit Business Insider's homepage for more stories.

Phone numbers linked to as many as 419 million Facebook accounts were recently found on an online server that was not protected by a password, according to a TechCrunch report on Wednesday.

Facebook told Business Insider that there was no evidence that any users had their accounts compromised. On Thursday, the company said the data set contained duplicate entries and that the official number of exposed phone numbers totaled around 220 million.

The database was brought to TechCrunch's attention by a security researcher, who discovered the information sitting in plaintext — meaning it wasn't encrypted at all. This information appears to have been gathered by a third party, who left it exposed to the internet. The database was taken offline after the web host was contacted, TechCrunch said.

The information in question, according to the report, included users' Facebook IDs — which are strings of numbers used by the company to uniquely identify an account — and the associated phone number for each account. Some records are said to have included the user's name, gender, and country in which they resided.

TechCrunch reported that 133 million of the 419 million records discovered on the server were associated with American users.

The issue, a Facebook spokesperson told Business Insider on Wednesday, stemmed from a feature, which has since been shut down, that allowed users to search for friends by their phone numbers. Facebook said malicious actors were able to use this feature to scrape information, including phone numbers, from users' accounts.

Facebook shut down the ability to search for friends by phone number in April 2018.

"This dataset is old and appears to have information obtained before we made changes last year to remove people's ability to find others using their phone numbers," a Facebook spokesperson told Business Insider. "The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised. The underlying issue was addressed as part of a Newsroom post on April 4th 2018 by Facebook's Chief Technology Officer."

Read more: Instagram's lax privacy practices let a trusted partner track millions of users' physical locations, secretly save their stories, and flout its rules

The finding is the latest example of data-protection issues surrounding the social-networking giant. Just last month, Business Insider's Rob Price reported that Facebook was launching a review of hundreds marketing and advertising firms amid indications of widespread misuse of Instagram user data, including data scraping of users' public data without their consent.