CATEGORIES
home News

Facebook’s Security Incompetence Exposes Over 400 Million Personal Phone Numbers

by Brittany GoettingWednesday, September 04, 2019, 08:25 PM EDT
Facebook
Facebook must once again deal with the repercussions of a major security blunder. An exposed server recently published more than 419 million phone numbers and Facebook IDs. At least 133 million of those phone numbers were based in the United States. Anyone could have accessed the information before the server was finally taken down.

Security researcher Sanyam Jain was the first to find the exposed server. The server was not owned by Facebook, but still contained users’ Facebook IDs and phone numbers. A Facebook ID is a public number that is associated with an account. The number often contains portions of a person’s Facebook name and it is not difficult to determine the owner of the ID number. The server also contained information about some users’ gender and location by country.

The server was not password protected and could have been easily accessed by anyone before the web host shut it down. At the moment no one knows who owned the database. Facebook used to allow users to search for others by phone number, but this feature was removed in April 2018 after the Cambridge Analytica scandal. It is believed that the data on this server was collected before this feature was shut down.

facebook mark zuckerberg

Facebook spokesperson Jay Nancarrow remarked, “This data set is old and appears to have information obtained before we made changes last year to remove people’s ability to find others using their phone numbers. The data set has been taken down and we have seen no evidence that Facebook accounts were compromised.” Nancarrow also insisted that some of the numbers were duplicates and that only 200 million users may have been impacted by the server.

Although there is no evidence of foul play, many are concerned about the implications of Facebook's repeated security missteps. Phone numbers are frequently used in two factor authentication (2FA) and other cybersecurity measures. An attacker could have potentially used the phone numbers to reset the passwords of a wide variety of online accounts. The attackers could have also used the numbers to try to convince cell carriers to switch the numbers to their own SIM card. Victims may have also been potentially subjected to spam calls and harassment.

Facebook is already potentially staring down a $5 billion FTC fine due to privacy violations. The social media giant is going to need to clean up its security act if it wants to keep users and avoid further legal entanglements.
Tags:  Facebook, security breach, cybersecurity, (NASDAQ:FB)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment