Have you ever wondered where a particular company is sending your ad messages to your phone number? You might have found it from Facebook. A bug allowed social network advertisers to collect users' phone numbers, even if they were private.
Facebook resolved the issue on December 22 and paid a $ 5,000 reward the US, France and Germany researchers who discovered the vulnerability at the end of May last year.
The company claims that there is no evidence to show that someone has used this vulnerability.
This was not easy to exploit. The bug was in the Custom Audiences platform, which allows advertisers to upload anonymous customer data (including email and phone numbers) and then provide them with personalized ads based on that information. When different lists were uploaded, the system displayed (one digit at a time) the customers' telephone numbers for which only e-mail was provided.
The procedure was difficult and it took a few days only to load the lists.
Facebook announced that it has paid almost $ 1 million in rewards last year to ethical researchers and hackers who have discovered vulnerabilities in their services its.