Dear Valued Visitor,

We have noticed that you are using an ad blocker software.

Although advertisements on the web pages may degrade your experience, our business certainly depends on them and we can only keep providing you high-quality research based articles as long as we can display ads on our pages.

To view this article, you can disable your ad blocker and refresh this page or simply login.

We only allow registered users to use ad blockers. You can sign up for free by clicking here or you can login if you are already a member.

Facebook Inc. (FB): New Data Exploit Discovered

Facebook Inc.Facebook Inc. (NASDAQ:FB) has been well-documented with security and privacy issues as it has tried to navigate that hairline between having an open Internet for collaboration and communication, while trying to keep personal data of users confidential. And based on several reports and investigations in the U.S. and Europe, Facebook Inc. (NASDAQ:FB) seems to be doing better on one side than the other. This might just be a headache for investors in Facebook Inc. (NASDAQ:FB) stock, like billionaire fund manager George Soros of Soros Fund Management.

Recently, another possible issue came forth in the privacy and security realm for Facebook Inc. (NASDAQ:FB) when a “self-proclaimed security enthusiast” found profiles just by using a person’s phone number – supposedly one of those pieces of data that Facebook hides from other users unless the user opts to show it.

The Facebook Inc. (NASDAQ:FB) vulnerability was discovered by Suriya Prakash, who accessed Facebook from his mobile device, and he found the exploit through the Web site’s mobile portal instead of its main PC portal. As he described it: “About a month ago I was just browsing Facebook on my Facebook mobile application and it had an option called ‘Find friends using contacts’ — what it does is that it compares the contact list from your phone to the Facebook (FB) database to see if you have any friends that are in your contacts but not on your Facebook account,” Prakash said. “I also later figured out that simply ‘searching’ a person’s phone number (including country code) will show you their account.”

To be able to enter a random phone number and find the entire profile of a Facebook¬†Inc. (NASDAQ:FB) user is one thing, but then Prakash said he was able to create a script that allowed him to gather a list of personal phone numbers from Facebook’s database. Prakash ran the script for four straight days through Facebook’s mobile site and it worked every time until Facebook Inc. (FB) finally caught on and blocked the script.

“Facebook has developed an extensive system for preventing the malicious usage of our search functionality and the scenario described by the researcher was indeed rate-limited and eventually blocked,” said a Facebook Inc. (NASDAQ:FB) spokesperson. “We are constantly updating these systems to improve their effectiveness and address new kinds of attacks.”

Loading Comments...
X

Thanks! An email with instructions is sent to !

Your email already exists in our database. Click here to go to your subscriptions

Insider Monkey returned 102% in 3 years!! Wondering How?

Download a complete edition of our newsletter for free!