Hundreds of millions of phone numbers linked to Facebook accounts have been found online. As reported by TechCrunch, security researcher and member of the GDI Foundation Sanyam Jain discovered an insecure, password-protected server accessible to anyone, containing 419 million phone numbers. The numbers are associated with other information such as the person’s name, country of residence or gender.
Facebook: 419 million phone numbers accessible to anyone
The numbers are for users from different countries which is normal considering the volume of the leak. The United States (133 million), Vietnam (50 million) and the United Kingdom (18 million) are among the most affected nations. This revelation comes a few months after a problem with Facebook’s dual-factor authentication system. Which made phone numbers public.
Facebook spokesperson Jay Nancarrow said the data had been scraped before Facebook cut off access to user phone numbers.
“This data set is old and appears to have information obtained before we made changes last year to remove people’s ability to find others using their phone numbers,” the spokesperson said. “We have no evidence that Facebook accounts are compromised.”
Facebook has long restricted developers‘ access to user phone numbers. The company also made it more difficult to search for friends’ phone numbers. But the load of this data could be done at the end of last month — though that doesn’t necessarily mean the data is new.
This latest data exposure is the most recent example of data available online and publicly without a password. Although often tied to human error rather than a malicious breach, data exposures nevertheless represent an emerging security problem.
It is worth to mention that Mark Zuckerberg has promised changes with better protection of the privacy of Facebook users. But there is still a long way to go for it.