A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account

To revisit this article, visit My Profile, then View saved stories.

A CYBERSECURITY RESEARCHER was able to figure out the phone number linked to any Google account, information that is usually not public and is often sensitive, according to the researcher, Google, and 404 Media’s own tests.

The issue has since been fixed but at the time presented a privacy issue in which even hackers with relatively few resources could have brute forced their way to peoples’ personal information.

This article was created in partnership with 404 Media, a journalist-owned publication covering how technology impacts humans. For more stories like this, sign up here.

“I think this exploit is pretty bad since it's basically a gold mine for SIM swappers,” the independent security researcher who found the issue, who goes by the handle brutecat, wrote in an email. SIM swappers are hackers who take over a target's phone number in order to receive their calls and texts, which in turn can let them break into all manner of accounts.