Did you give Facebook your phone number when it asked you to set up two-factor authentication? Be aware that Facebook is allowing people to look up user profiles based on the phone number the user added to their Facebook account. There is no way to completely hide your phone number.
TechCrunch summarized this horrifying, privacy-breaching, Facebook problem this way:
Last year, Facebook was forced to admit that after months of pestering its users to switch on two-factor by signing up their phone number, it was also using those phone numbers to target users with ads. But some users are finding out just now that Facebook’s default setting allows everyone – with or without an account – to look up a user profile based on the same phone number previously added to their account.
There is a Facebook help article titled: “How do I control who can look me up using my email or mobile phone number?” It instructs Facebook users to go to Settings and look at the “Who can look me up?” options.
TechCrunch pointed out a big problem. Facebook will only allow users to choose from “Everyone”, “Friends of friends” or “Friends”. This means there is no setting that allows users to completely opt out of having their phone number be searchable.
In short, it appears that everyone you friended on Facebook will be able to look you up by your phone number. In addition, people who do not have Facebook accounts, but who know your phone number, will be able to find your Facebook account. So, the option to limit who can look you up using your phone number to “Friends” … is misleading.
Personally, I think this could lead to some very dangerous situations. A person who has left an abusive partner, or an abusive family situation, might have to worry about those people finding their Facebook account. Activists who engage in protecting people’s civil rights may also be in danger due to Facebook’s phone number look up.
Facebook told users that attaching their phone number to their account would make it safer. That simply isn’t true now that Facebook will allow anyone in the world to use that phone number to find your account.