Putting your phone number on Facebook can put your life and future at risk.
Facebook users may want to think twice before adding their telephone number on their profile. But if they do, anybody can find that person’s name, picture and location -regardless of their privacy settings – by typing their number into the search bar.
Underlining the security dangers, a British software engineer has even harvested thousands of data about users, simply by generating random phone numbers.
From Daily Mail:
Reza Moaiandin, technical director of Salt.agency, used a coding script to generate every possible number combination in the UK, US and Canada.
He then sent millions of numbers to Facebook’s app-building program (API) in bulk. In return, he received millions of unobstructed personal profiles.
Despite notifying Facebook in April, and calling for APIs to be pre-encrypted, the security loophole remains intact, leaving the site’s 1.44 billion users open to hacks.
Apparently, Facebook does not think it’s a big deal. ‘We do not consider it a security vulnerability, but we do have controls in place to monitor and mitigate abuse,’ a Facebook spokesman told Mr Moaiandin, according to his blog.
Mr Moaiandin said in a statement to the Mail: ‘With this security loophole, a person with the right knowledge can harvest the non-private details of the users who allow public access to their phone numbers, enabling the harvester to then use or sell on the user details for purposes that the user may not be happy with.’
The cyber black market has become more profitable than ever according to a report made last year.
Typically, hackers sell vast quantities of data in bulk for a huge profit. Twitter and Facebook accounts are now more profitable than stolen credit cards, according to the report.
