Facebook mobile security loophole lets anyone look up your profile

Pic courtesy Facebook  JeremyBurge

Pic courtesy Facebook JeremyBurge

In September, Facebook told TechCrunch that it uses phone numbers provided for 2FA for ad targeting after Gizmodo reported that numbers provided for 2FA "became targetable by an advertiser within a couple of weeks". It comes by these numbers in a variety of ways-your mobile phone or tablet; your carrier; a number that you entered previously but didn't confirm; and contact info provided by others on Facebook. And other people can use it to look you up on Facebook. To be fair, though, anyone who's upset by this should be aware that Facebook very likely already had their number anyway, via the way it builds out its trove of connections between users - the way, for example, your friends may have uploaded their contacts, including you in that pile. On the app, click the hamburger icon on the top left, go to Settings and Privacy Privacy Privacy Shortcuts.

Facebook has been condemned for "unconscionable" security practices as it let users find people via their phone number - even if it was only provided for security reasons.

Users are only given three options: Everyone, Friends of friends, and Friends.

According to TechCrunch, the default setting is Everyone, which is likely unwelcome news for the privacy-conscious.

On the desktop, the process is similar. In the drop-down menu, select Friends.

Facebook declared the issue of leaking number as a bug and confirmed that they have fixed it. You can find the option in Settings under Privacy. WhatsApp also shares your phone number with Facebook but you can opt out.

House panel opens sweeping probe of Trump and associates
On Monday, the House Judiciary Committee, chaired by Rep. The committee said there might be additional requests. Mueller III for almost 11 months.

How did they get my phone number?

"That is why every start-up wants your phone number". Before then, a phone number was the only mandatory option. But you can try. When Facebook originally rolled out 2FA, there was no indication that the phone numbers they were collecting would be used for advertising or tied to a user's profile.

As a result of a tweet from security researcher Zeynep Tufekci, it has been revealed that the two-factor authentication which Facebook has so voraciously promoted to ensure security, can also allow anyone to look up that user's profile. Separately, the 'Who can look me up?' settings are not new and are not specific to two-factor authentication, the statement read. Worst of all, however, is the fact that there's practically no way to opt-out.

Mashable has asked Facebook whether it is planning to allow users to disable phone number lookup entirely, and will update this story when we hear back. While it is not the only way to pursue the Two-factor authentication, most of us follow the above way.

Currently, Facebook states numbers will be used "to help secure your account and more" but Burge claims the last two words were only added after it drew flak for ad-targeting.

Latest News