A data security researcher has discovered a new way for hackers to get into your Facebook account: by taking advantage of old phone numbers you’re no longer using, yet still have linked to your account.
If your Facebook account ever gets compromised, there is a lot at stake. Your private photos, personal conversations, and other types of sensitive data could all get exposed to a third party, a scenario no one would ever like to go through.
Here’s how Facebook’s password recovery system works: if you forget your password, you can have a code texted to your phone to reset it. However, if a person gets a new phone number and fails to unlink the old one from their account, the old number remains a way to reset the password, which puts the account at serious risk.
According to James Martindale, old numbers that are no longer used can often get recycled and handed out to new owners. He was able to access a stranger’s account this way by simply entering one of his old phone numbers.
This works because Facebook allows you to search for people who have phone numbers linked to their accounts. A hacker could therefore buy a new phone number and hope the previous owner hasn’t yet remembered to update it on Facebook.
With a little bit of luck, the hacker could gain access to that person’s account, which could potentially lead to impersonation, fraud, or extortion.
This is why you should never forget to unlink your old phone number from Facebook.