Karlston Posted January 26, 2021 Share Posted January 26, 2021 Facebook users’ phone numbers are for sale through a Telegram bot It’s $20 per number, unless you’re buying in bulk Illustration by Alex Castro / The Verge Someone has gotten their hands on a database full of Facebook users’ phone numbers, and is now selling that data using a Telegram bot, according to a report by Motherboard. The security researcher who found this vulnerability, Alon Gal, says that the person who runs the bot claims to have the information of 533 million users, which came from a Facebook vulnerability that was patched in 2019. With many databases, some amount of technical skill is required to find any useful data. And there often has to be an interaction between the person with the database and the person trying to get information out of it, as the database’s “owner” isn’t going to just give someone else all that valuable data. Making a Telegram bot, however, solves both of these issues. The bot allows someone to do two things: if they have a person’s Facebook user ID, they can find that person’s phone number, and if they have a person’s phone number they can find their Facebook user ID. Though, of course, actually getting access to the information you're looking for costs money — unlocking a piece of information, like a phone number or Facebook ID, costs one credit, which the person behind the bot is selling for $20. There’s also bulk pricing available, with 10,000 credits selling for $5,000, according to the Motherboard report. The bot has been running since at least January 12, 2021, according to screenshots posted by Gal, but the data it provides access to is from 2019. That’s relatively old, but people don’t change phone numbers that often. It’s especially embarrassing for Facebook as it historically collected phone numbers from people including users who were turning on two-factor authentication. At the moment it’s unknown if Motherboard or security researchers have contacted Telegram to try to get the bot taken down, but hopefully it’s something that can be clamped down on soon. That’s not to paint too rosy a picture, though — the data is still out there on the web, and it’s resurfaced a couple of times since it was initially scraped in 2019. I’m just hoping that the easy access will be cut off. Facebook users’ phone numbers are for sale through a Telegram bot Link to comment Share on other sites More sharing options...
zanderthunder Posted January 26, 2021 Share Posted January 26, 2021 Adding with WhatsApp number being leaked to Google's search and WhatsApp being a part of Facebook, that is a major headache for Facebook. Link to comment Share on other sites More sharing options...
tysroby Posted January 26, 2021 Share Posted January 26, 2021 Might be why I am lately getting 3 spam phone calls from different numbers on a daily basis... Link to comment Share on other sites More sharing options...
zanderthunder Posted January 26, 2021 Share Posted January 26, 2021 14 minutes ago, tysroby said: Might be why I am lately getting 3 spam phone calls from different numbers on a daily basis... That's why I use Truecaller instead. First line of defense against spam phone calls. Link to comment Share on other sites More sharing options...
vissha Posted April 6, 2021 Share Posted April 6, 2021 On 1/26/2021 at 9:58 PM, zanderthunder said: That's why I use Truecaller instead. First line of defense against spam phone calls. Why share data to another bigdata app? Truecaller profiles you and your contacts, similar to fb. Only when hackers open the lock, you'll know what's happening with these cos. Without email/login/mobile number, you can't use Truecaller or similar, which is unnecessary as the core reason is to get to know the spam calls or the caller name/org. What if TrueCaller's huge db of personal contact data is leaked in a similar way? Better to put pressure on the Lawmakers to increase the consequences for spam calls if DND applied. Link to comment Share on other sites More sharing options...
zanderthunder Posted April 15, 2021 Share Posted April 15, 2021 On 4/7/2021 at 1:39 AM, vissha said: Why share data to another bigdata app? Truecaller profiles you and your contacts, similar to fb. Only when hackers open the lock, you'll know what's happening with these cos. Without email/login/mobile number, you can't use Truecaller or similar, which is unnecessary as the core reason is to get to know the spam calls or the caller name/org. What if TrueCaller's huge db of personal contact data is leaked in a similar way? Better to put pressure on the Lawmakers to increase the consequences for spam calls if DND applied. Your point looks like absurd to me tho. Besides, if you're questioning Truecaller, you indirectly questioning about Google's spam filter function when using Google Phone as caller app. Link to comment Share on other sites More sharing options...
vissha Posted April 15, 2021 Share Posted April 15, 2021 21 hours ago, zanderthunder said: Your point looks like absurd to me tho. Besides, if you're questioning Truecaller, you indirectly questioning about Google's spam filter function when using Google Phone as caller app. Yes, Not just Truecaller. It is best to choose your own privacy oriented apps & replace, configure and block permissions+firewall before you put your data in any phone. All inbuilt Phone apps have Caller ID & Spam Protection. We should be aware of T&C, Privacy Polices before enabling them. Aren't you curious about Truecaller's multiple apps (Truecaller,Hiya,...) all do the same thing? They want everyone to use it & profile & track you, market you, feed to bigdata. All countries should follow new restrictions as in EU's new limitations to AI. Only then Privacy can improve globally! Link to comment Share on other sites More sharing options...
zanderthunder Posted April 19, 2021 Share Posted April 19, 2021 On 4/16/2021 at 6:55 AM, vissha said: Yes, Not just Truecaller. It is best to choose your own privacy oriented apps & replace, configure and block permissions+firewall before you put your data in any phone. All inbuilt Phone apps have Caller ID & Spam Protection. We should be aware of T&C, Privacy Polices before enabling them. Aren't you curious about Truecaller's multiple apps (Truecaller,Hiya,...) all do the same thing? They want everyone to use it & profile & track you, market you, feed to bigdata. All countries should follow new restrictions as in EU's new limitations to AI. Only then Privacy can improve globally! Any proofs to support your proof? Link to comment Share on other sites More sharing options...
vissha Posted April 19, 2021 Share Posted April 19, 2021 4 hours ago, zanderthunder said: Any proofs to support your proof? Search the web(Not Google/Bing's Personlized Search engines) for "Truecaller Privacy" & after few scrolls with privacy page links of Truecaller, you'll get a lot of genuine news of multiple privacy concerns with official source links. Even nsane have more of those news shared. For Google or any tech giants, every person who read real tech news(not just innovation/release oriented) or who have read their privacy policy & terms deeply would surely be aware of their activities. Quote In Tech/Security/Privacy - Trust No One, Just for Granted or if someone recommend/makes you believe something! Do a Deep research, ask questions, think negatively to get the true answers. If most of your answers give a positive feel, go ahead with it. - My Word of Caution! Link to comment Share on other sites More sharing options...
3175x175(CURRENT).thumb.jpg.b05acc060982b36f5891ba728e6d953c.jpg)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.