A flaw in Facebook’s security may have allowed advertisers to get access to users’ phone numbers. Even worse, Facebook reportedly knew about the glitch for months before fixing it.
If you have a Facebook account, you know you’re encouraged to share your phone number to add another layer of security to the sign-in process.
But security researchers at Northeastern University exploited a flaw in Facebook’s system and not only got users’ phone numbers, they matched them to user email addresses, too. The glitch was in Facebook’s advertising software, which allows brands and retailers access to huge amounts of anonymous user data.
The researchers found a flaw in that system and exploited it to get at those phone numbers and email addresses.
Those researchers spotted the flaw this past May and notified Facebook. Facebook paid them a $5,000 bounty for finding the glitch but didn’t fix it until Dec. 22.
Facebook says there’s no evidence companies took advantage of this.
The Simply Money Point: Though there isn't much Facebook users can do about this one, there are some easy steps you can take to better secure your account and your privacy. For those steps, click or tap right here.