
Reza Moaiandin, technical director of SALT, generated every possible number combination in Britain, US and Canada using a coding script. After that, he sent millions of numbers to Facebook's app-building programme (API) in bulk and received millions of unobstructed personal profiles.
Read: Facebook's new experimental algorithm can identify you even from unclear pictures
"With this security loophole, a person with the right knowledge can harvest the non-private details of the users who allow public access to their phone numbers, enabling the harvester to then use or sell the user details for purposes that the user may not be happy with," Moaiandin said.
However, even after Facebook was notified in April and asked to pre-encrypt APIs, the security loophole still exists. This means that the details of 1.44 billion Facebook users could be misused by cyber criminals.
Read: How to put Facebook stalkers in their place
According to a report last year by the national security division of RAND Corporation, a non-profit global policy think tank based in the US, Twitter and Facebook accounts are now more profitable than stolen credit cards as pictures, names, phone numbers, education history and locations can be sold on a network of illegal trading sites.
This article originally appeared on India Today
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ