Facebook has had a rough few weeks in the realm of user privacy after it was revealed the company kept millions of users’ passwords stored in easily-searchable plain text. Now, another security bug has been revealed that could cause a headache for the social media giant. According to researcher John Moss, Facebook Marketplace had a flaw that could be exploited to discover the exact location of sellers.
As Moss pointed out, this kind of hyper-accurate data is unusual to find behind a website’s code. He expected the discover generalized location data while scraping Marketplace, but instead found far more specific data that used latitude and longitude to pinpoint the location of merchandise for sale. And it’s a big deal because of how easily it could’ve been exploited to rob users.
“What I discovered would essentially allow thieves to treat Facebook’s marketplace as a shopping list,” Moss said.
To make matters worse, Moss was rejected by the company after he reported the flaw, with Facebook telling him the loophole didn’t constitute a security vulnerability. Thankfully, Moss turned to someone he knew who worked at the company, who ensured the bug was patched. However, it’s troubling that Facebook was so willing to ignore a seemingly-major problem in the first place.
Bitdefender 2019 solutions stop attacks before they even begin. Try 90 days free of Bitdefender Total Security 2019
Private Internet Access is an award-winning, cost-effective VPN solution. The use of an anonymous and trusted VPN is essential to your online privacy, security and identity protection.