Hacks and Incidents

Facebook Vulnerability Discloses Friends Lists Defined as Private

Facebook Vulnerability Discloses Friends Lists Defined as Private: Irene Abezgauz from the Quotium Seeker Research Center identified a security flaw in Facebook privacy controls. The vulnerability allows attackers to see the friends list of any user on Facebook. This attack is carried out by abusing the ‘People You May Know’ mechanism on Facebook, which is the mechanism by which Facebook suggests new friends to users.

With attacks being on the rise, Facebook is often targeted by hackers for the information it possesses. Users rely on Facebook to maintain their privacy to the best of Facebook’s ability.

Since this vulnerability renders the privacy control to hide friends lists from other users irrelevant, we hope Facebook will change its mind and this flaw will be addressed.

Standard