Date:05/04/19
Researchers at the cybersecurity firm UpGuard on Wednesday said they had discovered the existence of two datasets together containing the personal data of hundreds of millions of Facebook users. Both were left publicly accessible.
In a blog post, UpGuard connected one of the leaky databases to a Mexico-based media company called Cultura Colectiva. The data set reportedly contains over 146 GB of data, which amounts to over 540 million Facebook user records, including comments, likes, reactions, account names, Facebook user IDs, and more.
A second leak, UpGuard said, was connected to a Facebook-integrated app called “At the pool” and had exposed roughly 22,000 passwords. “The passwords are presumably for the ‘At the Pool’ app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts,” the firm said. The database also contained data on users’ friends, likes, groups, and locations where they had checked in, said UpGuard.
Both datasets were stored in unsecured Amazon S3 buckets and could be accessed by virtually anyone. Neither was password protected. The buckets have since been secured or taken offline.
“The data sets vary in when they were last updated, the data points present, and the number of unique individuals in each,” UpGuard said. “What ties them together is that they both contain data about Facebook users, describing their interests, relationships, and interactions, that were available to third party developers.”
Added Upguard: “As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third party access. But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users has been spread far beyond the bounds of what Facebook can control today.”
540 Million Facebook User Records Exposed Online, Plus Passwords, Comments, and More
Researchers at the cybersecurity firm UpGuard on Wednesday said they had discovered the existence of two datasets together containing the personal data of hundreds of millions of Facebook users. Both were left publicly accessible.In a blog post, UpGuard connected one of the leaky databases to a Mexico-based media company called Cultura Colectiva. The data set reportedly contains over 146 GB of data, which amounts to over 540 million Facebook user records, including comments, likes, reactions, account names, Facebook user IDs, and more.
A second leak, UpGuard said, was connected to a Facebook-integrated app called “At the pool” and had exposed roughly 22,000 passwords. “The passwords are presumably for the ‘At the Pool’ app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts,” the firm said. The database also contained data on users’ friends, likes, groups, and locations where they had checked in, said UpGuard.
Both datasets were stored in unsecured Amazon S3 buckets and could be accessed by virtually anyone. Neither was password protected. The buckets have since been secured or taken offline.
“The data sets vary in when they were last updated, the data points present, and the number of unique individuals in each,” UpGuard said. “What ties them together is that they both contain data about Facebook users, describing their interests, relationships, and interactions, that were available to third party developers.”
Added Upguard: “As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third party access. But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users has been spread far beyond the bounds of what Facebook can control today.”
Views: 411
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
