Over 540 million Facebook records found on exposed AWS servers

Share

A new investigation has found that third-party apps exposed 540 million records of Facebook user's passwords, comments, account names, likes, and unique Facebook identifiers for all to see. "We are committed to working with the developers on our platform to protect people's data", the spokesperson added.

The latest breach reminds of the Cambridge Analytica data scandal, where personal data of millions of users collected by the firm through a quiz app on Facebook was used to potentially swing voters in the USA elections in 2016 and other campaigns.

As with the infamous Cambridge Analytica scandal, this isn't a case of Facebook itself being compromised.

In response to public concern for privacy, Facebook started an audit of thousands of apps and suspended hundreds of them previous year to ensure information was not stored unsecured in public databases.

The Alliance Of American Football Is Already Ending After Two Months
It's an encouraging development in light of the AAF's inaugural season being cut short just two weeks shy of the playoffs. The hope from the onset of the AAF was that it would serve as a developmental league for the NFL .

UpGuard say they reached out to Cultura Colectiva back in January and, as of posting, have still received no response. Although that exposed the details of only 22,000 Facebook users, the exposed data also included plain-text passwords.

Similarly to the data exposed by Cultura Colectiva, At the Pool's data was exposed for an indeterminant amount of time but the stored data became secured while it was being viewed by UpGuard's team.

The second database, belonging to the defunct app At The Pool isn't as large, but its destructive potential can not be neglected.

And more recently, security experts noticed that Facebook allows other users to look up your profile using those numbers, too. Moreover, UpGuard researchers claim that these are only two of the databases that they have reported about and the extent of data exposure could be far more extensive since about 100,000 databases are hosted by Amazon.

Britain’s Prince Harry and Meghan Markle break Instagram followers record
Prince Harry says social media may be more harmful than drugs and alcohol, days after joining Instagram with wife Meghan Markle . But Prince Harry , who went from dressing up like a Nazi to marrying Meghan Markle , can't help but leave an impression.

Brian Vecci, a top executive at the security firm Varonis recommends that consumers check which apps are now collecting data from their accounts and revoke access for those that don't need it. They also informed Amazon Web Services about the data stored and they replied that the owner was made aware of the expose. "Once alerted to the issue", when Bloomberg initially broke the story, "we worked with Amazon to take down the databases".

On the plus side, data stemming from At the Pool was taken offline before security researchers could even send a formal notification. The company's website says it creates content through data and technology and has more than 45 million followers on Facebook, Instagram, Twitter, YouTube and Pinterest.

To be clear, the 540 million records found in the larger of the two data sets does not translate to 540 million Facebook users.

Man City back on top, Huddersfield go down
Sometimes you win easily with the top six, and sometimes you get a hard game, but it's the same with the teams at the bottom of the table.

Share