From nakedsecurity.sophos.com
What happens to the mobile numbers Facebook users add to their accounts to enable SMS two-factor authentication (2FA)?
If you assume the answer is nothing beyond their described purpose, prepare for a bit of a surprise courtesy of a study by researchers from Northeastern University and Princeton University, backed by plenty of dissatisfied commentary from the privacy community and tech press.
Facebook, the researchers found, has been adding these numbers to the other data it uses to target people with advertising.
Read more here