A security researcher found a server on the internet containing more than 419 million records related to Facebook users.
No password protection was in place – meaning the treasure trove of phone numbers was available to literally anybody with an internet connection.
Read more in my article on the Tripwire State of Security blog.
If you really must use Facebook, don’t give it your phone number – not even for 2FA.
It’s been a bad week for Facebook and its two billion-plus users.
Not only was it revealed that millions of users had their accounts exposed by a vulnerability, but the site has been up to dirty tricks with mobile phone numbers you gave them to supposedly enhance your security.
Some computer users are reporting that they have received a new type of extortion email in their inbox, which – in an attempt to scare them into giving in to demands for money – quotes part of their phone number.
But where are the blackmailers getting the phone number from?
Mark Zuckerberg: “At some point during the last several years, someone has probably accessed your public information.”
Yep. So why didn’t you do something about it Zuck?
It’s hard enough getting people to turn on 2FA without sites using it to send non-security notifications.
Did you know that complete strangers, can search Facebook’s database for your phone number and find your profile and grab your name, profile picture and more besides?
Here is how to stop it.
SnapChat, the smartphone app loved by sexting teens sharing intimate snaps of their private parts, has finally apologised for its security screw-up.
Snapchat says it will release an updated version of its app which will better protect users’ phone numbers, but falls short of apologising to users already affected.
A website called SnapchatDB has made available what they claim is a database of 4.6 million Snapchat users, revealing usernames and phone numbers.
Symantec researchers have stumbled across a “feature” of Facebook’s official Android app which once again puts into question if the social network’s developers truly *get* security and privacy.
If you use Facebook, your phone number may not be as private as you think.
A way in which Facebook privacy can be abused has come to light that will shock many users, but that the social network itself seems to consider a deliberate feature.
O2 mobile users in the UK are venting on Twitter today, fuming at their discovery that their phone number is being shared with every website that they visit over the network.
But users of other mobile phone networks may be also affected.
Queen Beatrix of the Netherlands has her personal phone number released onto the web, via WikiLeaks diplomatic cables.
Even regal grandmothers can find they have been exposed by WikiLeaks.