Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

400 Mn Facebook Users’ Phone Numbers Exposed in Privacy Lapse: Reports

Phone numbers linked to more than 400 million Facebook accounts were listed online in the latest privacy lapse for the social media giant, US media reported Wednesday.

Phone numbers linked to more than 400 million Facebook accounts were listed online in the latest privacy lapse for the social media giant, US media reported Wednesday.

An exposed server stored 419 million records on users across several databases — including 133 million US accounts, more than 50 million in Vietnam, and 18 million in Britain, according to technology news site TechCruch.

The databases listed Facebook user IDs — unique digits attached to each account — the profiles’ phone numbers, as well as the gender listed by some accounts and their geographical locations, technology website TechCrunch reported.

The server was not password protected, meaning anyone could access the databases, and remained online until late Wednesday when TechCrunch contacted the site’s host.

Facebook confirmed parts of the report but downplayed the extent of the exposure, saying that the number of accounts so far confirmed was around half of the reported 419 million.

It added that many of the entries were duplicates and that the data was old.

“The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised,” a Facebook spokesperson told AFP.

Following the 2018 Cambridge Analytica scandal, when a firm used Facebook’s lax privacy settings to access millions of users’ personal details, the company disabled a feature that allowed users to search the platform by phone numbers.

The exposure of a user’s phone number leaves them vulnerable to spam calls, SIM-swapping — as recently happened to Twitter CEO Jack Dorsey — with hackers able to force-reset the passwords of the compromised accounts.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...