This article really nails the problem with exposed names, phone numbers, email addresses and other PII. Bad actors are building "Starter Kits" to identity theft and other malicious activities with this level of data.
IDTheft solutions and cyber insurance are fast becoming a necessary (and soon, default) requirement.
Facebook said Wednesday that "malicious actors" took advantage of search tools on its platform, making it possible for them to discover the identities and collect information on most of its 2 billion users worldwide. The abuse of Facebook's search tools — now disabled — happened far more broadly and over the course of several years, with few users likely escaping the scam, company officials acknowledged. The scam started when hackers harvested email addresses and phone numbers on the Dark Web. Then the hackers used automated computer programs to feed the numbers and addresses into Facebook's "search" box, allowing them to discover the full names of people affiliated with the phone numbers or addresses, along with whatever Facebook profile information they chose to make public, often including their profile photos and hometowns.