Internet Security Vulnerability In Facebook Discovered

A potential security flaw has been discovered on popular social networking site Facebook, apparently hackers can access any user’s account provided they registered with their phone number and not email. The vulnerability was first discovered by software engineer Reza Moaiandin, it’s an Internet security loophole which allows hackers to access an individual’s user profile, photos and location data which can be harvested to perform other wrongs against the victim.


All it takes for the Internet security breach to work is a phone number and a few simple number-generation algorithms, which anyone with basic IT skills can perform with ease. While doing his research, Moaiandin managed to generate 1000s of positive matches which after being fed into the Facebook API system, gave him unlimited access to multiple accounts without the owners ever knowing what happened.

He blames the Internet security issue on Facebook’s default “Who Can Find Me?” setting, which allows anyone to find another person’s profile by using a mobile number only. This setting is characteristically left accessible to everybody on the net even strangers, so felons with number generating software can find it easier to gobble up swathes of random user details without getting detected. Those who have accounts with this site are advised to be vigilant and make appropriate changes on their settings every so often; it shall help in guaranteeing Internet security each time you log into your profile.

Internet Security Vulnerability

While some details about a person are already being accessible to the public, the most worrying trend is the ability to directly link an individual to their phone number. This may lead to identity theft and harassment, and as for celebrities the crooks may engage in trolling and posting negative messages on walls to dent their image. Writing on his company’s blog, Reza says that he discovered the vulnerability by mistake and that if used by hackers it can harvest “millions” of innocent people’s details. Moaiandin has already brought the Internet security flaw to Facebook’s attention in April. One Facebook representative said that they don’t actually consider it an Internet security flaw, but that settings are also in place on each user’s account to gauge and mitigate any form of abuse.

One thought on “Internet Security Vulnerability In Facebook Discovered”

  1. Nice to know. But following up….What are we supposed to do other than to keep an eye on things ? I rarely use Facebook these days, it destroys time and keeps me away from friends who don’t spend every waking moment sitting in a room alone staring at a monitor or walking into traffic texting. As you know Facebook forces us to supply phone numbers. Personally, I log in with email, never once have I logged in with my phone number. Are you recommending that we now logon to FB immediately exposing myself to this vulnerability , putting stagnant logarithms back into play to make changes ? If so , what should I change ? It would be more helpful if the article specifically advised some ideas or steps which we could take to protect ourselves from *another* Facebook hacking vulnerability only recently brought to light. Although we appreciate the time and effort you put into providing these alerts and articles if they neglect to provide recommendations how to remedy the situation beyond suggesting generic, common sense steps which anyone with a brain should be taking anyway , I don’t see the point. So, should we run out and change our phone numbers ? Because to open up a FB account, at least back in 2009, we were forced to supply a phone number and other personal info. to open up a Facebook account. Thus, it’s too late- we’ve already been exposed-regardless what damage control @ FB HQ, marketing is claiming.

Leave a Reply