IMAGE: Eduardo Woo — CC BY

Yet another example of Facebook’s breathtaking irresponsibility

Enrique Dans


A huge database with the phone numbers of 419 million Facebook users has been found online on an unprotected server, with no password, in the umpteenth demonstration of the company’s breathtakingly feeble security. A tool is not yet available to check whether your phone number is among them, but one probably will be shortly. Apparently, when Facebook decided to ask its users for their phone numbers and made those numbers searchable, some bad actors started to use that search function to systematically look up random numbers and compile (and presumably, commercialize) huge databases. Behavior like that should have been patently obvious to Facebook’s system administrators, but the company decided to do nothing for several years, thus compromising the security of its users.

The database includes each Facebook user’s ID and the telephone number associated with their account, making it possible to access their profile and obtain additional data that could be used for any number of nefarious schemes.

How will Facebook defend itself? By simply saying “it wasn’t them, but some bad actor”. As if such a lame excuse could remove all responsibility from someone who owns a platform, and allows it, in a totally irresponsible way, to be used for something like this under their very nose. At a time when the SIM swap



Enrique Dans

Professor of Innovation at IE Business School and blogger (in English here and in Spanish at