Facebook is one of the biggest social media platforms providing their users all the perks to enjoy this site but what if your data is not secured? Nowadays Facebook is facing these technical bugs back to back.
A researcher recently disclosed a potentially enormous flaw that might disclose user’s email addresses even if they’ve decided to keep them private. This is just one of the numerous privacy problems that have surfaced in recent months.
A few months ago, a data breach exposed the personal information of more than 500 million Facebook users, including email addresses, phone numbers, names, and more. The information was posted onto a hacker forum on April 3, 2021, which leaked out during a data breach in 2019.
Recently another security crisis has evolved, on underground forums, a new program is floating that utilizes a Facebook vulnerability to reveal email addresses associated with user accounts. Alon Gal, Co-founder, and CTO of cybersecurity firm Hudson Rock sent a video of the tool in operation to several cybersecurity specialists and then put it on YouTube. A video went viral showing a researcher showcasing a program called Facebook Email Search v1.0, in which he claimed could connect Facebook accounts to up to 5 million email addresses every day.
The researcher, who revealed this went public after Facebook indicated the flaw he discovered wasn’t “important” enough to be solve, he sent them a list of 65,000 email addresses and waited to see what happened.
“As you can see from the output log here, I’m receiving a large number of results from them,” the researcher explained as the program processed the address list in the video. “I paid around $10 for 200 or so Facebook profiles. I was able to do this for 6,000 email accounts in under three minutes.”
Facebook issued the following statement: “It looks that this bug bounty report was incorrectly closed before being routed to the proper team. We appreciate the researcher’s sharing of the information and are taking immediate steps to address the problem as we continue to investigate their results.”
A Facebook spokesperson did not answer a query about whether the firm told the researcher that the vulnerability was not serious enough to warrant a remedy. Facebook engineers think they have minimized the breach by blocking the methodology seen in the video, according to the official.
Facebook did not address the issue publically whether it has been fully resolved or not. We hope to see a positive response from them in the coming days.
Let’s wait for the great news!