Facebook Correcting Bug That Collected Phone Numbers Of Android App Users

By David Cohen 

Facebook is taking steps to address a bug discovered by Symantec in which its Android application collected users’ phone numbers.

The social network told The Next Web it has already deleted the phone numbers from its servers, and they were not used or processed in any way, adding that its recent beta release addressed the bug, and the fix will be rolled out to its public app shortly.

Symantec wrote in a post on its blog last week:

Of particular note, Mobile Insight automatically flagged the Facebook app for Android because it leaked the device phone number. The first time you launch the Facebook app, even before logging in, your phone number will be sent over the Internet to Facebook servers. You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen

According to Google Play, hundreds of millions of devices have installed the Facebook app, and a significant portion of those devices are likely affected.

We reached out to Facebook, which investigated the issue and will provide a fix in its next Facebook for Android release. It stated that it did not use or process the phone numbers and it has deleted them from its servers.

Readers: Are you concerned that your phone numbers may have been compromised?

Image courtesy of Shutterstock.