Social media website Facebook has suffered a major data breach which has seen the details of millions of users appear on unsecured databases.

As a result, Facebook users have been warned to be wary of unsolicited calls which could be from fraudsters.

The exposed server contained 133 million records of US-based Facebook users, 18 million records of UK users, and 50 million records on users in Vietnam.

According to technology website Techcrunch, the server wasn’t protected with a password, and anyone could find and access the database.

The accessed records each contained a user’s unique Facebook ID and the phone number listed on the account.

It’s likely the data was harvested by people who already had access to the phone numbers, possibly from a marketing database. By entering numbers into Facebook’s search bar they had been able to find the owners’ Facebook accounts.

TechCrunch verified a number of records in the database by matching a known Facebook user’s phone number against their listed Facebook ID. Some of the records also had the user’s name, gender and location by country.

The breach is far larger in scale than that in the Cambridge Analytica scandal, when information on about 86 million Facebook users was compromised.

Kate Bevan, Which? computing editor, said: “Facebook has taken positive steps to tighten security since this breach but it will still worry users that millions of phone numbers could make it into the hands of criminals – leaving them open to being targeted by cold-calling, fraudsters and other scams.

“If you’ve uploaded your phone number to Facebook at any point, it’s worth being extra-vigilant about calls claiming to be from tech support warning that your computer or router is compromised and other unexpected cold callers. Facebook must also reassure users that their data is being properly protected following this confirmation.”