It’s been a rough couple of weeks for Facebook. Recently, the social network had to apologize for accidentally leaking the contact information of over 6 million users. And then, a few days later, it was revealed that even more people were affected by the data breach than originally reported, with the site standing accused of trying to hide the extent of its privacy problems.
But now, it gets even worse: It was revealed this weekend by independent third-party researchers that virtually all users of the Facebook for Android app had their private phone number disclosed to the social network without permission – a software blunder that could affect hundreds of millions of smartphone owners worldwide.
According to computer security company Symantec, which first reported the issue, “The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers. You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen.”
Facebook, for their part, says that it did not use the collected phone numbers in any way, and has deleted the leaked information from the company’s data banks. As a result, the company says it has no way of knowing exactly how many users were affected by the breach, and affected users (once again) will not be notified. The bug has since been fixed, and an updated version of the Facebook for Android app is available in the Google Play store.
While the social network can likely be taken at its word on this latest news, the company’s past cover-ups and willful underestimation of the impact of privacy leaks make the apology that much harder to swallow. For many users, it may just be time to permanently delete their Facebook profile once and for all.