Rogue Facebook apps can now access your home address and mobile phone number

A security expert has warned that users should remove their home addresses and phone numbers from their Facebook accounts. According to

Graham Cluley said the website now gives third parties access to that information.

The website said in a blog post at the weekend that it would give developers of applications access to the contact information of users who install their apps.


“These permissions must be explicitly granted to your application by the user via our standard permissions dialogs. Please note that these permissions only provide access to a user’s address and mobile phone number, not their friend’s addresses or mobile phone numbers,” the Sydney Morning Herald quoted Facebook’s Jeff Bowen as saying.

However, Sophos security expert Cluley, has raised doubts over the move.

“You have to ask yourself – is Facebook putting the safety of its 500+ million users as a top priority with this move?” he said.

“It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends.”

Cluley advised that users should take personal info such as home addresses and mobile numbers off their pages.

“You can imagine, for instance, that bad guys could set up a rogue app that collects mobile phone numbers and then uses that information for the purposes of SMS spamming or sells on the data to cold-calling companies,” he said.