Jump to content

Researchers find 540 million Facebook user records on exposed servers


Spartan

Recommended Posts

Security researchers have found hundreds of millions of Facebook user records sitting on an inadvertently public storage server.

The two batches of user records were collected and exposed from two third-party companies, according to researchers at security firm UpGuard, who found the data.

In the researchers’ write-up, Mexico-based digital media company Cultura Colectiva left more than 540 million records — including comments, likes, reactions, account names and more — stored on the Amazon S3 storage server without a password, allowing anyone to access the data. Another backup file on a separate storage server by defunct California-based app maker At The Pool contained even more sensitive data, including scraped information on more than 22,000 users, such as a user’s friends lists, interests, photos, group memberships and check-ins.

According to UpGuard, neither company responded to requests to have the data removed. Facebook contacted Amazon to pull the data offline, a Facebook spokesperson told TechCrunch.

“Facebook’s policies prohibit storing Facebook information in a public database,” said the spokesperson. Facebook said there is no evidence yet to show the data has been misused but that it was investigating.

It’s the latest data lapse involving the social media giant since the Cambridge Analytica scandal in 2018, which saw more than 87 million Facebook user records scraped without consent by the U.K.-based political data firm. The company was accused of using the data to help build profiles on voters in an effort to help the presidential campaigns for Ted Cruz and later Donald Trump.

In the wake of the scandal, the social media giant rolled out a bug bounty program to cover third-party apps and services that leaked or exposed Facebook user data.

UpGuard found a batch of scraped Facebook profiles involving 48 million records in 2018 from LocalBlox, a data firm that scrapes data from social media profiles.

Chris Vickery, director of cyber risk research at UpGuard, told TechCrunch: “These finds continue to highlight the problems which plague companies that depend on mass data collection.”

“Storing personal information collected from end users is a liability,” said Vickery. “The more you have, the greater that liability becomes.”

Link to comment
Share on other sites

24 minutes ago, solman said:

ippue nidra lechva endhi... afternoon vachindhi news... FB stock price down ayindhi kooda silent_I1

175 konna , ventane padipoyindi , malli chala rojulaki crawl ayyi 174 ki vachindi , profit lekapoyina ammeddam ante endhi vayya idhi maku , edo oka bad news vastune unnayi fb ki , assalu bathaka nivvara

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...