1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Texas Hacker Steals Phone Numbers From Facebook Users

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, Jun 26, 2013.

  1. The Scarlet Pimp

    The Scarlet Pimp Senior Member

    Apr 2, 2008
    Likes Received:
    Chair moistener.
    Hacker Collects Thousands of Phone Numbers Using Graph Search

    Brandon Copley, a mobile developer in Dallas, Texas, collected a database of 2.5 million Facebook users? phone numbers exclusively using the site?s Graph Search function to prove a point to Facebook. He was slapped with a cease-and-desist order from Facebook for his efforts.

    On March 5, Copley reported a tip to Facebook pointing out the security flaw in Graph Search. Facebook wrote him back acknowledging the problem, though they said that all they can do to remedy it is to encourage users to strengthen their security settings. He gathered the massive database of numbers as a response to them, using API tokens to perform millions of searches for phone numbers. His account was then banned several times in March and April, and Facebook?s lawyers soon contacted him and demanded that turn over all the information he had gathered, as well as his methods.

    ?Facebook is denying its users the right to privacy by allowing our phone numbers to be publicly searchable as the default setting,? Copley told Tech Crunch. ?This means that anyone with my number knows my Facebook contact information. I may have not told my future employer about my Facebook account, but if I called them on my cell phone they can now know how to find me on Facebook.?

    Facebook hasn?t revealed yet if it will pursue litigation against Copley; since all of the information he found was public, they would likely have a tough time forming a case. Even though Copley?s exposure of this issue is troubling, it can hopefully lead to a change for the better in Graph Search?s privacy settings.


  2. SpookSEO

    SpookSEO Senior Member

    Dec 15, 2012
    Likes Received:
    London, UK
    Home Page:
    I haven't been using graph search. So with this Facebook feature, one's private info could no longer be considered as private? Why would they file against Copley. They should be working on their glitch.