Facebook user data exposed

The discovery marks the latest major privacy and security mishap to plague Facebook

Facebook said its policies prohibit app developers from "storing information in a public database", adding in a statement Wednesday it has worked with Amazon to take them down. "The data genie can not be put back in the bottle", reads the post. This shows that there have been little efforts from Facebook in ensuring foolproof security of the data that it extracts from its users.

Fast forward to today and that S3 bucket was still publicly accessible.

The majority of records - around 540 million users' data - was compromised by Cultura Cultive - a digital media company, based on Mexico. It's kind of a hybrid of Mashable, Tumblr and BuzzFeed. It's unclear whether Amazon pulled the plug itself, or persuaded Cultura Colectiva to take the files offline. Anyone who wants to comment has to log into Facebook and stay logged in.

Researchers from the cybersecurity firm UpGuard recently discovered that Facebook user account information was exposed on Amazon cloud servers.

That's still 146 gigabytes of material, UpGuard said.

Any organisation that shares data should be reviewing their API's to ensure controls are in place to limit sensitive data and regular audits be done on the third parties to ensure compliance to privacy regulations and IT security standards. But it doesn't include Facebook passwords, and it doesn't offer any path directly into Facebook accounts.

The largest was collected by Mexican media company Cultura Colectiva. At one point, At the Pool required Facebook authentication, similar to Tinder.

"This should offer little consolation to the app's end users whose names, passwords, email addresses, Facebook IDs, and other details were openly exposed for an unknown period of time", UpGuard said. "What ties them together is that they both contain data about Facebook users, describing their interests, relationships, and interactions, that were available to third party developers". It is, however, worth mentioning that just last week it was revealed that Facebook not only stored 600 million users' passwords in plain text on its servers but also exposed it to over 20,000 employees. Surely this data was protected? But whether it was a happy coincidence, a hosting period lapse, or a responsible party becoming aware of the exposure remains unclear. For Cultura Colectiva, data on responses to each post allows them to tune an algorithm for predicting which future content will generate the most traffic.

The storage bucket was reportedly only secured after Facebook was contacted directly about the matter by Bloomberg and there's no indication as to how long it had remained visible.

These two stories have vaguely happy endings.

It comes a year after the Cambridge Analytica leak exposed how unsecure Facebook users' information is online. These two data sets are merely what the UpGuard researchers were able to find. There's already another leak of personal Facebook data, but this one didn't come directly from Facebook. These were uploaded publicly a Facebook-integrated app called "At the Pool" that shut down in 2014.

Related News:



Most liked

Suspect In Nipsey Hussle Killing Pleads Not Guilty
Holder is being held on United States $7 million bail, and is expected to make his first court appearance on Thursday afternoon. He was arrested in Bellflower, a suburb of Los Angeles after police received a tip.

Varane is going nowhere, insists Zidane
Both players have been criticised for their poor performances this season, with Madrid having been eliminated from all competitions since early March.

Caravan of 40 Salvadoran migrants sets out for United States border
Experts fear that cutting aid programmes will exacerbate problems in the three countries and force more people to migrate. Trump argues the governments in the Northern Triangle aren't doing enough to stop migration to the U.S.

Ethiopia set to release preliminary report into Boeing 737 MAX crash
When the MCAS system notices that a plane has stalled, it tilts the nose of the aircraft in order to correct the error. Boeing has tried to restore its battered reputation, while continuing to insist the 737 Max is safe.

Premier League Betting Round-Up - Winner and Top 4 Finish odds
Gray believes Manchester City are more proficient in midfield and their ability to pass the ball around means they have an edge over Liverpool .

Erdogan Pays Electoral Price for Turkey's Tumbling Economy
The AKP has lost the capital city of Ankara to the CHP as well as the third biggest city Izmir in local elections held on Sunday. They are facing increased opposition with the country's economy in recession, unemployment up, and inflation in double digits.

Zinedine Zidane's warning: I like Paul Pogba, he likes Madrid
So how would Pogba fit into Zidane's team? "[N'Golo] Kante, [Olivier] Giroud, Hazard all played three matches in seven days". I'm at Manchester and I'm happy".

Lawmakers introduce bill that would make Puerto Rico 51st state
Puerto Rico renewed its push for statehood past year after Hurricanes Irma and Maria devastated the island in 2017. Puerto Rico statehood is expected to be a major issue for both parties in the 2020 election.

How to Watch Roger Federer vs. Denis Shapovalov
Shapovalov, nicknamed "Shapo", joins an even younger Canadian player - 18-year-old Felix Auger-Aliassime - in the semis. The 27-year-old from Romania was 5-1 down in the second set but fought back by winning six consecutive games.

Boeing Ethiopia crash probe 'finds anti-stall device activated'
The pilot tried repeatedly to regain control and pull the nose up, but the plane crashed into the ocean. The Federal Aviation Administration reviewed the USA company's analysis and agreed.

AUSvsPAK, 3rd ODI: Australia overpower Pakistan to clinch ODI series
Australia started shakily and lost opener in-form Usman Khawaja off just the fifth ball, bowled for a duck by Usman Shinwari . Maxwell and Alex Carey (25 not out) put on a quick 61 for the sixth wicket as Australia hit 90 in the last 10 overs.

Prosecutor Who Dropped Charges Against Jussie Smollett Thinks Actor Is Guilty
He claimed they shouted, "This is MAGA country" - a reference to President Trump's "Make America Great Again" campaign slogan. The contacts were cited by Foxx in recusing herself from the case on February 13, well before Smollett was charged.

Industry must ensure new aircraft meet regulations, says FAA's acting chief
Southwest Airlines Flight 8701 took off as normal at around 3pm, but just minutes into the flight, the pilots reported a problem. The second crash involved Ethiopian Airlines and their CEO, Tewolde Gebremariam, was among those anxious for answers.

'Us' Had the Biggest Opening Ever for An Original Horror Movie
Coming in at No. 5 is Universal and DreamWorks' How to Train Your Dragon: The Hidden World . For Us, this was more than quadrupled, and Peele was able to work with a $20 million budget.

Huawei P30 Pro ANNOUNCED - UK price, specs and features REVEALED
Huawei P30 Pro handset: how much does it cost SIM-free? It comes with IP68 rating which means that is water and dust proof. There is also a feature called Dual-View video which allows you to record a wide-angle and close-up view simultaneously.