Facebook Fixing Android App After It Collected User Phone Numbers, Has Already Deleted Data


Facebook For Mobile Apps

Facebook for Android is receiving a “fix” after security firm Symantec last week announced that the app was wrongfully collecting users’ phone numbers and contact numbers and then sending that information back to the company’s servers.

Facebook since that time has told tech site TNW that it has fixed the “bug” in a recent beta release and will soon roll it out to customers.

The social giant says it has not used the phone numbers in any way and that the numbers have already been deleted.

The flaw was only discovered when Symantec stumbled upon the data collecting code by accident. Symantec used its Norton Mobile Security app to discover the issue. That particular application is capable of discovering malicious applications, privacy risks, and potentially intrusive behavior via automatic and proprietary static and dynamic analysis techniques.

Here’s what Symantec has to say about its Facebook phone number discovery:

The ability of Mobile Insight to automatically provide granular information on the behavior of any Android application even surprised us when we reviewed the most popular applications exhibiting privacy leaks. Of particular note, Mobile Insight automatically flagged the Facebook application for Android because it leaked the device phone number.

The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers. You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen.

A beta release for the Facebook Android app arrived yesterday but has not yet rolled out to the general public.


James Kosur

James Kosur has worked in the new media space for the last 10 years, helping many publications build their audiences to millions of monthly readers. He currently serves as the Director of Business Development at Business2Community.com and the CEO of Aven Enterprises LLC.

0 Comments

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.