Facebook accused of exposing user phone numbers

Web Log: Privacy of those providing details as part of 2fa security measures in question

Entrepreneur Jeremy Burge claims that Facebook’s 2018 statement on Search and Account Settings is misleading or inaccurate

Entrepreneur Jeremy Burge claims that Facebook’s 2018 statement on Search and Account Settings is misleading or inaccurate

 

A new wave of criticism hits Facebook as the social networking giant has been accused of not adequately protecting the privacy of users who have provided their phone number solely for the purpose of two-factor authentication (2fa) security measures.

Entrepreneur Jeremy Burge took to Twitter when he noticed that Facebook’s default setting for phone number search is “everyone” and if a user doesn’t notice and change this setting their phone number can be used to identify them on Facebook even if they only supplied their number for 2fa security settings and not on their actual profile.

Burge said: “Login-with-Phone-Number is the new Login-with-Facebook. Easy to track, shared between services, it’s the key to invisible mesh of your data. Don’t do it.” He added that even if users don’t supply their phone numbers, friends who are fellow Facebook users are prompted to find phone contacts on Messenger, which links your profile to your number regardless of your explicit consent.

Burge added that, as of March 4th, Facebook’s 2018 statement on Search and Account Settings is misleading or inaccurate because it states that it has disabled the look up by phone number feature for security purposes including reducing the risk of malicious public profile scraping.

https://twitter.com/jeremyburge/status/1101402001907372032