Facebook has been insisted to update their privacy settings, after Reza Moaiandin, a software engineer harvested user data, by guessing their mobile numbers. The developer obtained the name, location as well as the profile pictures of the users who had linked their phone numbers with their Facebook account but kept it hidden from the friends in their profile or any user in that case.
Experts are in favor of saying that this loophole would allow hackers to access the data of Facebook users, which would further enhance the chance of cyber crime. Reza exploited the little known privacy settings that allow anyone to find another user just by putting in their phone numbers in the search bar.
Usually, the ‘Who can find me?’ setting is set as ‘Everyone/Public’ in most profiles. If a profile user has linked his phone number with his Facebook account, anyone can easily find him with phone numbers even if the phone number is hidden from public. By using a simple algorithm, Reza generated thousands of mobile numbers, which when sent to Facebook’s API, he could easily get links of several users. The information Reza could gather by this means were all available for public, but this loophole can eventually lead to abuse and cyber crime.