Today in bad Facebook news:
- The social media giant is now ranked 94th (out of 100) in corporate reputation, down from 50th
- The service has lost 15 million users in the U.S. since 2017 (but not your mom)
- Mark Zuckerberg’s net worth has sunk by $9 billion in a year
But that’s their bad news. Yours? Facebook’s been using your phone number in nefarious ways.
See, you handed over your number at one point to FB to “protect your account” as part of the company’s efforts in two-factor authentication (2FA).
Facebook then used your number to target you with ads. And then, no matter what your privacy setting, people can now use that phone number to look up your profile. The default phone number lookup is “Everyone,” and you can only restrict those settings (explained here) to “Friends of friends” or “Friends” … but with no option to hide your profile completely if someone has your number.
Security expert Zeynep Tufekcii summed it up perfectly with this tweet:
Phone number is such a private, important security link. But Facebook will even let you be targeted for ads through phone numbers INCLUDING THOSE PROVIDED *ONLY* FOR SECOND FACTOR AUTHENTICATION. Messing with 2FA is the anti-vaccination misinformation of security. Unconscionable. pic.twitter.com/zIQqc6QPoN
— zeynep tufekci (@zeynep) March 3, 2019
For now? Besides getting rid of Facebook entirely, we’d suggest turning your phone number lookup to “Friends” … or not using your phone number for 2FA at all (which, as the above article Tufekci links to notes, hasn’t been a requirement since only last May).
In slightly less horrible news: Two-thirds of apps that sent personal data to Facebook via the Google Play Store no longer do so.
Photo by Thought Catalog on Unsplash
This article was featured in the InsideHook newsletter. Sign up now.
