Facebook Inc(NASDAQ:FB) is once again in the news
for all the wrong reasons. This time it is a security breach that is related to
security settings on the social networking site. Facebook suggests users to
provide their contact numbers so that their accounts are more secure and thus
allowing friends to look them up as well.
However, independent security researcher Suriya
Prakash discovered a fatal glitch in the system due to which, hackers can get
unauthorized access to millions of personal contact details to use for
nefarious means. Prakash had reported the issue to Facebook over a month ago,
but the site took a long time to fix the loophole.
According to Prakash, someone with a suitable
100k botnet and a decent script can download all contact details of all
Facebook users who own a mobile phone, which presently comes to 600 million.
The download can be accomplished in just 48 hours! He told users to immediately
change privacy settings so that their phone numbers are just visible to them
and no one else.
Facebook told Computer World that the
search-by-phone feature is quite popular, and Prakash’s discovery was
restricted to only a certain portion of the user base. Furthermore, Facebook
has taken precautions and is making security upgrades to the site on a regular
basis to shield users’ personal data from all sorts of attacks.
No comments:
Post a Comment