Venmo has added new privacy controls for friend lists following a jaw-dropping incident where BuzzFeed News was able to track down President Joe Biden’s Venmo account because of the app’s leaky privacy protocols. App researcher Jane Manchun Wong discovered earlier on Friday that Venmo was working on the new controls.
“We’re consistently evolving and strengthening the Venmo platform for all of our customers. As part of these ongoing efforts, we are enhancing our in-app controls providing customers an option to select a public, friends-only, or private setting for their friends list,” a Venmo spokesperson said in a statement to The Verge.
To find the new controls, tap the hamburger icon while on the main feed, then tap “Settings,” “Privacy,” and then “Friends List.” The Friends List menu appeared for me and another Verge staffer while I was writing this article, so if it hasn’t rolled out to you just yet, sit tight.
In the new menu, you can pick if you want your friends list to be public, visible to friends, or private. You can also toggle whether or not you want to appear in others users’ friends list.
The new toggles fix a major privacy hole in Venmo that has been known for years: there previously was no way to keep your list of Venmo contacts private, meaning that you could see the contact list of any other user on the platform. The hole was bad enough that following a brief mention of Biden using Venmo in a recent New York Times profile, BuzzFeed News was able to track down the president’s account in less than 10 minutes. The publication also found the accounts for many in his inner circle.
While you’re in your privacy settings, I’d also recommend setting your Venmo feed to private.
Update May 28th, 7:02PM ET: Clarified that Venmo’s previous friend settings included a privacy flaw, not a security flaw.