Google fixes bug that could reveal users’ private phone numbers


The bug allowed a researcher to uncover recovery phone numbers of nearly any Google account.

The exploit relied on an “attack chain” of several individual processes working in tandem, including leaking the full display name of a targeted account, and bypassing an anti-bot protection mechanism that Google implemented to prevent the malicious spamming of password reset requests. Bypassing the rate limit ultimately allowed the researcher to cycle through every possible permutation of a Google account’s phone number in a short space of time and arrive at the correct digits. Revealing the private recovery phone number can expose even anonymous Google accounts to targeted attacks, such as takeover attempts.

Or read this on TechCrunch
