- Jan 8, 2011
- 22,361
Facebook users may want to think twice before putting a phone number on their profile.
The social network encourages anybody who uploads pictures from their mobile to add their number too.
But if they do, anybody can find that person's name, picture and location - regardless of their privacy settings - by typing their number into the search bar.
Underlining the security dangers, a British software engineer has even harvested thousands of data about users, simply by generating random phone numbers.
Reza Moaiandin, technical director of Salt.agency, used a coding script to generate every possible number combination in the UK, US and Canada.
He then sent millions of numbers to Facebook's app-building program (API) in bulk. In return, he received millions of unobstructed personal profiles.
Despite notifying Facebook in April, and calling for APIs to be pre-encrypted, the security loophole remains intact, leaving the site's 1.44 billion users open to hacks.
Read on: Please Fix This Security Loophole - SALT.AGENCY