What if someone has access to the whole database? What if someone intrudes too often on our privacy? With Facebook, that has happened. What we can only guess has occurred with the most used framework for social media.
Someone has obtained the full phone number database of the users. Facebook accounts were added to these phone numbers. Using only a Telegram bot, someone sells those numbers. Motherboard noted this issue, per The Verge report.
What is the problem?
Alon Gal, a security researcher, discovered this Facebook flaw. He says that 599 million users are mobile numbers for the person who sells the numbers. Experts already fixed this vulnerability on Facebook back in 2019.
There is a need for enormous technological expertise having multiple databases. There is an interaction between the individual who has the database and the individual who wants the data.
The database owner isn’t going to distribute all the information. Creating a Telegram bot will help to solve these two problems.
These bots are helpful when any sensitive information is compromised. The bots are crafted in such a way that they carry out two of their duties. These bots will find the individual’s number if the Facebook user ID is known.
If they know the number, the bots can easily find the Facebook user ID as well. You may think that it’s going to cost money. According to the motherboard records, the hacker buys the data on one credit and sells it for $20.
Is the user’s privacy safe on Facebook?
One can get 10,000 credit for just $5,000 through the bulk pricing feature. It will only cost one credit to access a piece of information associated with the user’s number and Facebook ID. According to the screenshots Gal posted on Twitter, the bot has been in service since January 12, 2021.
But the details that’s being exchanged is from 2019. This is relatively old, but the non-changeable phone numbers may be the catch. More often, every year, individuals don’t change their phone numbers. For Facebook, it is humiliating.
The business obtained the user’s phone number. The two-factor authentication was turned on by those users.
As of now, it is not certain that Telegram has been contacted by the motherboard or the security researchers. The bot will be let down by the touch. In such situations, as soon as possible, the firm clamps down on the bot.
That is not to paint an image too rosy, as the knowledge is still available on the web. This information has resurfaced twice after it was scrapped in 2019, according to the reports. The only hope is that, as soon as possible, this dilemma will be fixed.