Hothardware confirms that a massive data breach found by a security enthusiast exposes your private information to total strangers.
"About a month ago I was just browsing Facebook on my Facebook mobile application and it had an option called 'Find friends using contacts' -- what it does is that it compares the contact list from your phone to the Facebook database to see if you have any friends that are in your contacts but not on your Facebook account," Prakash told The Next Web. "I also later figured out that simply 'searching' a person's phone number (including country code) will show you their account."
Using Prakash's method, a person could search a random phone number to view someone's full profile, and it works nearly every time since, according to Prakash, Facebook's privacy settings are confusing so most people haven't adequately protected themselves. That in and of itself isn't too egregious, but the fact that Prakash claimed he was able to write a script to cultivate a massive phone book of everyone who lets you look them up on Facebook is the scary part.
With facebooks poor trackrecord of security, constant changes of settings and now asking 5 bucks from anyone to promote posts to strangers that are friends of friends, one wonders what their plan is. Facebook stock is bouncing like a snowball down a hill, so of course they have to hurry up and fix this security hole that affected 800 million users worldwide. Facebook says to CIO UK that the "bug" wasn't even a bug, it was a feature and so thus it's already been fixed.
"The ability to search for a person by phone number is intentional behaviour and not a bug in Facebook," Facebook said Tuesday in an emailed statement. "By default, your privacy settings allow everyone to find you with search and friend finder using the contact info you have provided, such as your email address and phone number. You can modify these settings at any time from the Privacy Settings page."