Social media users should always take precaution to protect themselves on the internet, and sometimes that means keeping personal details hidden. One of those details that should never be shared is phone numbers. According to the Daily Mail, Salt.agency technical director Reza Moaiandin used a coding script that generates each and every phone number combination in Britain, Canada, and the United States. He sent millions of numbers to the social media giant’s API program in bulk and then received millions of unobstructed user profiles in return.
Moiandin explained to the Daily Mail that a hacker with certain knowledge can easily take non-private details of users who allow access to phone numbers. The hacker can use or sell the number for their own financial gain. The security hole remains a problem long after Facebook received a notification in April with the call for APIs to be pre-encrypted. Unfortunately, the security loophole is still intact and leaves 1.44 billion users vulnerable to hackers.
Facebook downplays the loophole’s risk
The loophole doesn’t mean everyone is at risk though. The social media giant told The Guardian about the network monitoring tools which monitor suspicious data activities. The developer kit also limits how the apps can take information, which means Facebook could cut off an app’s access to information if it appears to grab too many profiles quickly. The real concern lies in the fact that Facebook is not placing caps on data collection.
There are a few things Facebook users can do to prevent their information from being hacked. As previously mentioned, they shouldn’t link their phone numbers to their profiles. They can also change their settings to Friends Only to prevent strangers from tracing them back to their Facebook page.