By default, this setting is left as accessible to “Everyone/Public”, so anyone with a number generator and access to the Facebook API (neither of which are hard to come by) could gobble up swathes of user data, unless vigilant Facebook users make the appropriate settings changes.
Advertisement
Despite the response, Moaiandin said that Facebook users remain at risk as the bug is now widely known. Then, using Facebook’s GraphQL – a tool the website uses to organise their data – to collect all of the information the website has on these users.
The data was harvested using a little-known search feature which allows you to search for any Facebook user using only their phone number.
Facebook Inc (NASDAQ:FB) has been besieged with requests and demands from concerned users to further tighten its “privacy settings” after news filtered out that a software engineer Reza Moaiandin has revealed how he was able to get access to “names, profile pictures and locations of users who had linked their mobile number to their Facebook account”. It appears that Facebook has rate-throttling in place to prevent third-parties from polling its databases at a level that it finds uncomfortable, but that Moaiandin’s script didn’t reach those limits – even though it sounds as if he would have been able to access a large amount of data.
I first warned about the possible privacy dangers of your mobile number not being as private as you think back in 2012 – but it seems many people are unaware or have chosen not to adjust their privacy settings.
The researcher said that he went to Facebook in April, but that the firm’s response was not enthusiastic and it did not consider the problem to be significant.
If you’re anxious, here’s how to remove yours. “We have industry leading proprietary network monitoring tools constantly running in order to ensure data security and have strict rules that govern how developers are able to use our APIs to build their products”.
‘Everyone who uses Facebook has control of the information they share, this includes the information people include within their profile, and who can see this information.
Advertisement
This week it’s Facebook’s turn to take some flack, as we’ve just found out that people can obtain a lot of your personal info via your phone number.
