Sunday, 21 April 2019
Latest news
Main » Private data of 540 million Facebook users exposed in plain text

Private data of 540 million Facebook users exposed in plain text

06 April 2019

A United States cybersecurity company said Wednesday that records of millions of Facebook users stored on Amazon's cloud servers were exposed to the public.

Researchers at the cybersecurity firm UpGuard on Wednesday said it discovered the existence of two datasets together containing the personal data of hundreds of millions of Facebook users.

The databases were from a Mexico-based media company called Cultura Colectiva and an app called At The Pool, the security researchers said.

"We are committed to working with the developers on our platform to protect people's data", Facebook's representative further added. That's the takeaway from the latest story of Facebook's reckless data sharing.

Facebook is under federal criminal investigation for deals it struck with electronics manufacturers to access user data, and it has been hit a series of security breaches over the past year. The incident has brought back memories of the Cambridge Analytica scandal, in which 87 million Facebook users' records were extracted without their consent.

UpGuard sent two emails to the group on January 10 and January 14, and still has not received a reply. Although that exposed the details of only 22,000 Facebook users, the exposed data also included plain-text passwords. At The Pool's database disappeared while Upguard was researching, the firm said.

But this week UpGuard's Cyber Risk team revealed in a blog posting that it had found public databases on Facebook users.

US House to sue to block Trump border wall funding action
At another point, he said , "If the drugs don't stop, we'll tariff the cars". He gave the country a deadline to do more to stop drugs or face tariffs.

And more recently, security experts noticed that Facebook allows other users to look up your profile using those numbers, too.

Interestingly enough, this is not the first time Upguard tried to warn Facebook about the potentially detrimental consequences of its data strategy.

"All of the data passed from Facebook to literally millions of developers needs to be managed", said Greg Pollock, a vice president at UpGuard.

In the case of the data compromised by Cultura Colective, it sounds like getting anyone to care about the fact that this was all out in the open was an odyssey in itself.

To be clear, the 540 million records found in the larger of the two data sets does not translate to 540 million Facebook users.

Tim Mackey, Technology Evangelist - Software Integrity Group, Synopsys, had this to say about the current Facebook lapse: "Under GDPR Article 7, consent for the collection of personal data must be unambiguous and for a defined goal". The second was a separate database from a Facebook-integrated app named "At the Pool" which exposed data via an Amazon S3 bucket.

During the past few months, Facebook has basically gone as a synonym for 'security breaches' or 'privacy issues'.

Private data of 540 million Facebook users exposed in plain text