Clicky

Facebook used email passwords to harvest contact data from its users

Facebook was criticized for asking for passwords to user email accounts but this “feature” was actually being used to scoop up contact data from user’s email accounts.

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Facebook was recently caught asking users for the passwords to their email accounts and now it turns out the company was also trying to scoop up people’s email contacts at the same time.

The EFF (Electronic Frontier Foundation) made this discovery when testing out Facebook’s password-grabbing tool with a burner Yandex email address. The researchers from the EFF entered their burner email, the password to the burner email account, and then clicked “Connect to yandex.com.”

source: EFF

This caused an overlay with a status bar to appear which said “Importing contacts.” Since the EFF researchers were using a burner account, Facebook was unable to find any contacts but it still tried to pull information about all of their contacts from this email account.

During their research, the EFF also discovered that a Facebook tool called “Find Your Friends” was asking users to enter their email address and password in order to find friends based on their email contact data.

Unfortunately, this wasn’t the only privacy blunder from Facebook this week. It also managed to expose 540 million supposedly private records which contained Facebook IDs, personal messages, likes, shares, on Amazon Cloud.

The company also doubled down on this series of privacy fails by paying for positive coverage in The Daily Telegraph and continuing to wage war on “hate speech” without actually defining what “hate” is.

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Read more

Share this post

Reclaim The Net Logo

Join the pushback against online censorship, cancel culture, and surveillance.

Already a member? Login.