Facebook’s privacy problems never end. The latest edition of Facebook and it’s poor handling of users data involves phone numbers used to actually protect your Facebook account.
The company lets users enable two-factor authentication to add an extra layer of security to their account using their phone numbers, but that phone number is being used in other ways, too. As first noticed by Twitter user Jeremy Burge, the company is using your 2FA number to let anyone look your account up with your phone number:
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
https://twitter.com/jeremyburge/status/1101402001907372032
By default, the feature lets anyone search your account with your phone number, which is a major privacy problem. Just because someone has your phone number does not mean they should be able to look you up on Facebook and find your account, so you can imagine all the different problems surrounding this issue.
And what’s even worse is that Facebook does a poor job at informing users how their 2FA number is used for other parts of the service. And Facebook also doesn’t provide users with a way to completely turn off the lookup feature, even though it had said back in 2018 that the featured had been disabled.
A Facebook spokesperson simply told TechCrunch how the feature is not new, and how it affects all other phone numbers that you add on your Facebook account, not just the number you use for 2FA.
Still, Facebook’s ignorance towards features like this just goes to show the company’s view on sensitive user data. It’s almost like the “Facebook doesn’t care about your privacy” idea is becoming increasingly more accurate by the month.