50M Facebook user accounts compromised
san francisco — Facebook on Thursday confirmed that advertisers were privy to phone numbers given by members of the social network for enhanced security.
A study by two US universities, first reported by news website Gizmodo, found that phone numbers given to Facebook for twofactor authentication were also used to target advertising.
Two-factor authentication is intended to enhance security by requiring a second step, such as entering codes sent via text messages, as well as passwords to get into accounts.
Phone numbers added to profiles, for security purposes, or for messaging were potential fodder for advertisers, according to the study.
“These findings hold despite all the relevant privacy controls on our test accounts being set to their most private settings,” researchers said in the study, which looked at ways advertisers can get personally identifying information (PII) from Facebook or its WhatsApp and Messenger services.
Contact lists uploaded to Facebook platforms could be mined for personal information, meaning that people could unintentionally help advertisers target their friends.
“Most worrisome, we found that phone numbers uploaded as part of syncing contacts — that were never owned by a user and never listed on their account — were in fact used to enable PIIbased advertising,” researchers said in the study.