Facebook is still suffering from the effects of revealing the phone numbers of hundreds of millions of users over the past month, but it is now facing a new privacy crisis over email addresses that the social media giant must deal with.
And theShed An anonymous security researcher sheds light on a new vulnerability that reveals millions of users’ email addresses.
And he designed a tool called Facebook Email Search v1.0 that links Facebook accounts to their associated email addresses.
The anonymous security researcher published a video showing the tool that can link Facebook accounts to email addresses, even when the user has chosen not to display the email address to the public.
He explained that the tool was able to process up to 5 million addresses per day, but he provided it with a list of 65,000 addresses just to prove the concept.
He said: I reported the vulnerability to Facebook before it was published, but I made the Facebook Email Search v1.0 tool and posted the video after the social media giant told me that it did not think the exploit was important enough to be fixed.
In response to the report on the Facebook Email Search tool v1.0, a Facebook spokesperson said: We value the researcher’s sharing of information and are taking initial measures to mitigate this issue as we continue to better understand his findings.
He added: Facebook engineers believe they have mitigated the leak by disrupting the technology shown in the video.
It is not currently known whether the error was used to create a database of email addresses of Facebook users.
And the researcher said: Facebook had a similar vulnerability earlier this year that was fixed, and this is exactly the same vulnerability, and for some reason they told me directly that they would not take any action on it, although I made it clear to Facebook.
Facebook has been criticized for collecting this massive amount of data and for the way it is actively trying to promote the idea that such vulnerabilities cause little harm to its users.
And in Message An email about the leak of phone numbers of hundreds of millions of users that Facebook mistakenly sent to the Dutch publication DataNews, the company instructed public relations workers to frame this as a broad industry issue and normalize the fact that this activity occurs regularly.