Facebook Inc(NASDAQ:FB) is once again in the news for all the wrong reasons. This time it is a security breach that is related to security settings on the social networking site. Facebook suggests users to provide their contact numbers so that their accounts are more secure and thus allowing friends to look them up as well.
However, independent security researcher Suriya Prakash discovered a fatal glitch in the system due to which, hackers can get unauthorized access to millions of personal contact details to use for nefarious means. Prakash had reported the issue to Facebook over a month ago, but the site took a long time to fix the loophole.
According to Prakash, someone with a suitable 100k botnet and a decent script can download all contact details of all Facebook users who own a mobile phone, which presently comes to 600 million. The download can be accomplished in just 48 hours! He told users to immediately change privacy settings so that their phone numbers are just visible to them and no one else.
Facebook told Computer World that the search-by-phone feature is quite popular, and Prakash’s discovery was restricted to only a certain portion of the user base. Furthermore, Facebook has taken precautions and is making security upgrades to the site on a regular basis to shield users’ personal data from all sorts of attacks.