Facebook’s big data leak also included the phone number of the company’s founder and CEO Mark Zuckerberg, security researcher Dave Walker says.
The investigator entered the number into Signal and noticed that Zuckerberg had an account there.
It is a direct competitor to Facebook-owned WhatsApp as well as Facebook Messenger.
- In a new twist, Mark Zuckerberg also respects his privacy by using a chat app with end-to-end encryption that is not owned by Facebook, Walker tweeted the tongue in his cheek.
Walker doesn’t mention, though, that WhatsApp’s communications are end-to-end encrypted as well.
Mashable, among others, reported on the matter.
The phone number, presumably owned by Zuckerberg, was found in a database of 533 million Facebook users that went public for the weekend.
1.2 million Finns are also involved.
Read more: The data of 1.2 million Finns were leaked - this way you can safely check if your phone number is included
There may not be distrust of your own products.
It is possible that Zuckerberg will use Signal to see how a competing application is evolving and changing.
As the old saying goes, keep your friends close and your enemies even closer.
Nor does the mere existence of an account mean that it is in active use.
Read more: You'll soon see new announcements on WhatsApp - that's what it's about
Signal tore joy from the revelation and tweeted about it.
With a delay of a few days, Facebook released its report on what really happened in the data leak.
According to the company, it is important to understand that the data was not obtained through hacking.
Instead, the data was scraped from Facebook before September 2019.
Scraping refers to the acquisition of information by software robots that automatically collect information left open.
Depending on your private settings, this information has included date of birth, marital status, and place of work.
Users ’phone numbers were also collected.
It is unclear whether a large proportion of Facebook users have, after all, been aware of what information they have defined as public.
Facebook believes the attacker used a feature designed to help people find their friend from the service.
Mikko Hyppönen, research director at the Finnish security company F-Secure, explains that the attacker basically created a list of all the world's phone numbers and then asked Facebook if his “friends” were there.
Facebook’s explanation gives the impression that hijacking data directly from the service would be a better thing than hacking.
Hyppönen grabbed this in his sarcastic tweet.
- Facebook assures us that your number was not stolen by hacking.
It was stolen by scraping.
- What's a little scratching between friends now?
Among 533 million guys, Hyppönen threw in his second sarcastic tweet.
It may be that the attackers haven’t even read them!
According to Facebook, the function has been changed so that a similar attack will no longer succeed with it.
However, the company says it will not always be able to prevent old or new similar databases from appearing.
The aim is to get the database, which is now in public distribution, off the web.
In practice, this is impossible.
The social service urges users to check that they are only sharing publicly the information they want others to see.
Facebook takes no responsibility for creating a scrapable system that users have barely been aware of.