Facebook: 489 million mobile phone numbers online, another attack on privacy
New security problem for Facebook: a database not protected by a password and containing the mobile phone numbers of millions of users (even celebrities) was available on the Net available to the bad guys.
A new security issue for Facebook has been revealed at this time. This time, the mobile phone numbers of the social-network users who ended up online because of the lightness of the database management that contained them were affected.
The figures are impressive: according to the report, there is talk of as many as 419 million telephone numbers connected to Facebook user accounts and easily accessible to anyone. Of the more than 400 million data, 133 million were US users, 18 million UK users and 50 million Vietnamese users. Facebook stated that the numbers would be around 210 million as some were duplicates.
Even more serious was the discovery that the database was not protected by any password, leaving the information available to anyone who knew how to recover it.
Inside the database, there was a unique identification number of the user and a clear mobile phone number. Through the identification number, it was possible to trace the user and to know his telephone number even if the latter is not publicly available. Furthermore, those same numbers can be associated with the user’s ” password recovery ” function, making the situation even more complicated.
The checks confirmed that the information was accurate and that in some cases other information such as name, gender and in which country the user is located was also available.
Facebook confirmed the security problem while the database was made inaccessible by the hosting provider. However, it is not excluded that some attackers may have copied part or all of their data, thus allowing use even in a database that is no longer available.
Always the social network has specified that the telephone numbers inside the dabatase dated back to over a year ago (before April 2018), when Facebook has modified the own management of the privacy and in particular of the telephone numbers. A spokesman said, ” this dataset is old and the information appears to have been obtained before we made changes last year to remove users ability to find people using their phone numbers. The data set is has been removed, and we have not seen evidence that Facebook accounts have been compromised “.
