From a simple phone number or an email address, third parties were able to find the Facebook account associated with it through the search engine of the social network. A flaw that has likely affected most users.
This is a new confirmation of the vulnerability of Facebook user data: in a message posted on his blog , the company’s technology director, Mike Schroepfer, explained how “malicious actors” had been able to access the data of the profiles most of the 2 billion users of the platform.
A vulnerability that has its source in Facebook’s search function, which allows everyone to search for users from their email address or phone number. A feature that could easily be used by third parties to collect a lot of data from individuals they owned one of these information, including their full names. Especially since to not appear in this search engine, it was necessary to make a change in the settings, the option is enabled by default.
“Given the scale and sophistication of the activity we found, we believe that most Facebook users could have their data retrieved this way,” commented Mike Schroepfer, adding that this search feature had been removed. Information confirmed by Mark Zuckerberg himself, in a multi-media interview : “I suppose if you have activated this setting, someone has accessed your public information in one way or another.”
The boss of Facebook has also returned to the scandal of the improper use of personal data of its users by the British firm Cambridge Analytica, estimating that up to 87 million people had been affected.