Facebook has confirmed it uses phone numbers, provided to them by security-conscious users for two-factor authentication on their accounts, to target the same individuals with advertising.

The tech giant’s confession follows a report in Gizmodo based on research carried out at Northeastern and Princeton universities which uncovered the deceptive practice.

“We use the information people provide to offer a better, more personalised experience on Facebook, including ads,” a Facebook spokesperson explained, adding that users can opt out of this by not using phone-number-based two-factor authentication.

READ MORE: 1 in 4 Americans & almost half of millennials deleted Facebook in wake of privacy scandals – study

Facebook has been using contact information that users explicitly provided for two-factor authentication—or that users never provided at all—for targeted advertising. https://t.co/DGoV534ssA — EFF (@EFF) September 28, 2018

However, the option to enable the security technique, which provides a second layer of authentication to help keep accounts secure without providing your phone number, was only introduced in May. Before then, people who handed over their phone number for the security feature were unwittingly drawn into a privacy and security trade-off.

The revelation that the company has been using information, explicitly provided for security purposes, for targeted advertising has outraged many and further damages user trust in the social network.

“At this point I consider Facebook a criminal enterprise. Maybe not legally, but morally” https://t.co/BrZ7Yeq5Jw — DHH (@dhh) September 27, 2018

Seriously @facebook WTF were you thinking you morally bankrupt nitwits. This trashes 2FA (two factor authentication) https://t.co/bmZirCgq3x — Financial Philospher etc. (@jameslgb) September 28, 2018

We’re never getting out of this rabbit hole... 😔 RT @konklone: #Facebook takes phone numbers given to them for two factor authentication & uses them for ads. Gross and completely irresponsible. https://t.co/hCp9voZwRypic.twitter.com/AKvSvkNSIt#privacy#tech#socialmedia — Stephanie Humphrey (@TechLifeSteph) September 27, 2018

Researchers also found evidence of the corporation using shadow contact information to target individuals with ads - something they had previously denied doing. This is data, such as a phone number, that has not been provided by the user to Facebook but is collected from their friends’ contacts list and shared with advertisers.

READ MORE: Facebook hands users’ friends’ data to dozens of ‘partners’ without consent – report

Lead author on the paper, Giridhari Venkatadri, said this was the most surprising finding, that Facebook was targeting ads using information “that was not directly provided by the user, or even revealed to the user.” Facebook did not dispute any of the researchers’ findings.

Think your friends would be interested? Share this story!