Facebook has allowed its users to search people using their email address and phone numbers. After being hit by recent privacy disasters, Facebook now revealed that the feature that was designed to help users find each other on social media giant might have exposed their public information to malicious actors.
In a conference, Mark Zuckerberg said that after obtaining email IDs and Phone numbers from the dark web, malicious actors would then search Facebook with those credentials to gain additional data from Facebook through Facebook Search. Zuckerberg also said everyone who has not disabled this feature (it is enabled by default) might have their public data scraped by hackers, researchers and others.
The data was already public and extremely easy to scrap from 2 billion users of Facebook. It is unclear why the companies failed to spot this activity in time and pulled this feature to avoid data exposure.
Everyone has a setting on Facebook, that controls — it’s right in your privacy settings — whether people can look you up by your contact information. Most people have that turned on, and that’s the default, but a lot of people have also turned it off. So it’s not quite everyone, but certainly the potential here would be that over the period of time that this feature has been around, people have been able to scrape public information. The information—that if you have someone’s phone number, you can put that in, and get a link to their profile which pulls their public information. So, I certainly think that it is reasonable to expect that if you had that setting turned on, that at some point during the last several years, someone has probably accessed your public information in this way.
“It’s clear now that we didn’t do enough,” Mark said. “We didn’t focus enough on preventing abuse and thinking through how people could use these tools to do harm as well. That goes for fake news, foreign interference in elections, hate speech, in addition to developers and data privacy.”
Zuckerberg will testify before Congress on April 11. While yesterday’s conference call with the media was another form of apology coming from the Facebook chief, he is going to be grilled at the hearing for the multitude of failures that keep coming to the front. “We didn’t take a broad enough view of what our responsibility is, and that was a huge mistake,” Zuck said.
“It was my mistake.”