A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 million phone numbers – some of which are tied to Facebook accounts and, therefore, user identities – to prove a point to the company.
When Brandon Copley first discovered this flaw this last March, he tipped off Facebook to its existence so that they could patch it.
“I used this to catch a criminal–someone was selling stolen goods on Craigslist, and I had their number, and used this to find who that person was on Facebook and from there reported them to the police,” he explained to the security team. Unfortunately, the company responded by saying that it considers it a normal feature and that it’s up to the users to safeguard their privacy with the tools made available to them by the social network.
SOURCE: net-security.org
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…