A Ukrainian security researcher says a database with the names, phone numbers and unique user IDs of more than 267 million Facebook users was exposed on the open internet for at least 10 days this month. Bob Diachenko says nearly all the users are in the U.S. He says the database was likely harvested by criminals, who could use it for spam and phishing attacks or identity theft. Facebook is investigating, and says it believes the data was obtained before it made technical changes to better protect user data. Those changes included restricting user access to each others’ phone numbers last year.