Prevent Unauthorized Access of Your Full Facebook Profile

Facebook Privacy BreachFacebook privacy issues continue to surface and a recent one has many of us, including me, quite nervous.   Facebook settings give us the option of allowing people to look us up via our Facebook profiles. A couple of days ago, Suriya Prakash posted the steps he took to access (non-friend) Facebook  full profiles.  He wrote a script (software programming code) to cultivate a list of Facebook users who intentionally or unintentionally allow their Facebook information to be obtained by the general public.

The script generated Facebook user names connected to their phone numbers. Prakash calculated that a person with a large enough botnet* (Definition link below. Click here to go to Prasash’s blog) and a slightly better script would need only a couple of days to download all Facebook’s users who have mobile numbers associated with their accounts.  He estimated at least 500 million profiles would be vulnerable. On October 4th, Facebook announced it has 1 billion users so his estimates may be low.

(*Definition of botnet)

Connecting phone numbers to names is an advertiser’s dream come true and lists such as this can be sold profitably on the black market.  The breach of privacy is clear.  That said, there are circumstances where we intentionally choose to have our names and numbers publicly displayed, often for business purposes.  However, if you do not fall into that category,  here are 2 sections to verify to protect yourselves:

1.  Go to your Privacy Settings (STEP I(click Privacy Settings Link to go there directly or manually follow illustrations of STEPS I and II below)  and edit “How you Connect.”  (STEP IIUnless your Facebook page is exclusively set up for business, I recommend using the most restrictive settings.

STEP I – Access your Privacy Settings
Facebook Privacy

Go to your Privacy Settings

STEP II:  Edit your “How you Connect” settings.
Edit your connection settings

Edit your “How to Connect” Settings

Selecting “Friends” is the most restrictive choice for who can look you up via email address or phone number.  The options regarding who can send you friend requests and Facebook messages are not as worrisome because you can always ignore a friend request or delete a message.  If you want to avoid the awkwardness of ignoring friend requests from the general public, you can restrict that option to friends of friends but that may prevent people you know from connecting with you.  I enjoy connecting  via Facebook to people I’ve lost touch with over the years so I allow anyone to send me friend requests or to message me.

2.  Make sure the information in your “About” section is at the correct level of privacy.  Follow Steps I-III below.

STEP I – Click on your name in the upper right section of the Facebook screen to get to your Timeline
Access your Timeline

How to get to your Timeline

 STEP II – Click on “About” to get into your personal profile information

Go to your “About” section of your Timeline


STEP III – Once you click on “About,” you can review all the information in that section and decide if there is too much information there or not.  In particular, pay attention to the “Contact Info” section.  Note I’ve listed a phone number but it has a lock symbol next to it which indicates only I can see it – my telephone number is not available publicly or even to my Facebook friends.  

Edit "About" section

Review all your information in this section

If they haven’t already done so, we can expect Facebook to fix this vulnerability but in the meantime, you can avoid unwanted access to your profile by following the steps above.   It’s a good idea to occasionally verify all your Facebook Privacy Settings to make sure you are getting the level of privacy your want.  Click on this link to get to a previous article that will take you through all your Privacy Settings and will allow you to access them directly from within the article if you are logged into your Facebook account.

If you have any questions or need any help checking your privacy settings, please let me know and I’ll be happy to guide you.

Until next time … Stay Cyber Safe


2 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *