MENLO PARK, CA (CelebrityAccess) — As Facebook’s privacy concerns deepen amid a growing list of revelations about the company’s apparent careless disregard for the personal data of its users, the company dropped a bomb on Wednesday, that it believes most of its user’s data has been compromised.
In a post on Facebook’s blog on Wednesday, chief technology officer Mike Schroepfer detailed how the company believes malicious actors have scraped the data of the lion’s share of the site’s users by searching with their phone numbers.
“Until today, people could enter another person’s phone number or email address into Facebook search to help find them,” Schroepfer wrote in the blog post on Wednesday, “This has been especially useful for finding your friends in languages which take more effort to type out a full name, or where many people have the same name. In Bangladesh, for example, this feature makes up 7% of all searches.
“However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way. [emphasis added] So we have now disabled this feature. We’re also making changes to account recovery to reduce the risk of scraping as well,” Schroepfer added.
While the importance of this security flaw might not seem immediately apparent, as Gizmodo’s Rhett Jones noted, it provided a major tool for data criminals to purchase lists of phone numbers on the dark web and quickly attach names and other personal information to develop detailed user profiles.
These profiles could then be instrumental in identity theft or designing attacks to compromise accounts on other platforms for an identified user.
The startling revelation comes amidst a flurry of other disclosures by the social media giant, which, as Gizmodo pointed out looks like a ‘flood the zone’ strategy, designed to lessen the impact of any one revelation.