In a marketing campaign gone wrong, cricket icon Sachin Tendulkar on Monday inadvertently incited his followers to breach privacy of their friends by asking them to publicly share phone numbers and other personal details on social media.
Tendulkar[1] asked his followers on Facebook and Twitter to share the "names, cities, and mobile numbers" of their friends who "make excuses." The posts immediately received criticism from security researchers.
"How do you mine troves of phone numbers from Indians? Get a famous cricketer to politely ask people to dox their friends!" security researcher Troy Hunt tweeted[2] in surprise.
"The post is worrying because it's asking people to disclose a personally identifiable attribute (phone number) in the context of a Twitter handle. Tying these pieces of data together is very valuable for everything from marketing to social engineering to identity theft. It's made worse by the fact that the campaign is asking for people to disclose other people's data without their consent," Hunt told Gadgets 360 in a statement.
"Whoever came up with this marketing campaign (almost certainly not Sachin himself), has not thought this through very well," he added.
Based on Tendular's team, some lucky people would have got the chance to talk to the little master himself, who would offer them a pep talk.
Tendulkar's social media team has since deleted the posts, but reserved any explanation. It's also unclear if people who shared the private information would still get a chance to talk to Sachin. The post was part of a marketing campaign by an Indian bank.
It’s an unfortunate incident, especially coming from Tendulkar, who has been increasingly investing in technology companies[3] and other ventures since his retirement from international cricket in 2013....