Facebook on Thursday confirmed that advertisers were privy to phone numbers given by members of the social network for enhanced security.
A study by two US universities, first reported by news website Gizmodo, found that phone numbers given to Facebook for two-factor authentication were also used to target advertising.
Two-factor authentication is intended to enhance security by requiring a second step, such as entering codes sent via text messages, as well as passwords to get into accounts.
Phone numbers added to profiles, for security purposes, or for messaging were potential fodder for advertisers, according to the study.
“These findings hold despite all the relevant privacy controls on our test accounts being set to their most private settings,” researchers said in the study, which looked at ways advertisers can get personally identifying information (PII) from Facebook or its WhatsApp and Messenger services.
Contact lists uploaded to Facebook platforms could be mined for personal information, meaning that people could unintentionally help advertisers target their friends.
“Most worrisome, we found that phone numbers uploaded as part of syncing contacts — that were never owned by a user and never listed on their account – were in fact used to enable PII-based advertising,” researchers said in the study.
The study supported concerns that Facebook uses “shadow” sources of data not given to the social network for the purpose of sharing to make money on advertising.
“We use the information people provide to offer a better, more personalized experience on Facebook, including ads,” a spokeswoman said in response to an AFP inquiry about the study findings.
“We are clear about how we use the information we collect, including the contact information that people upload or add to their own accounts.”
Facebook is grappling with the worst crisis in its history, vilified for not more zealously guarding the information that users share.
The Silicon Valley-based internet colossus faced intense global scrutiny over the mass harvesting of personal data by Cambridge Analytica, a British political consultancy that worked for Donald Trump’s 2016 election campaign.
The company has admitted up to 87 million users may have had their data hijacked in the scandal.
More from AFP
- Hackers Issue ‘Ultimatum’ Over Payroll Data Breach
- Amazon Settles Ring Customer Spying Complaint
- France Punishes Clearview AI For Failing To Pay Fine
- Twitter Celebrity Hacker Pleads Guilty in US
- Pro-Russian Hackers Claim Downing of French Senate Website
- Microsoft Expands AI Access to Public
- Hackers Promise AI, Install Malware Instead
- Australian Finance Company Refuses Hackers’ Ransom Demand
Latest News
- Consolidate Vendors and Products for Better Security
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
