Million Facebook User Records Exposed Online, Plus Passwords, Comments, and More

Share

Last year, the company had come under fire following revelations that Cambridge Analytica had harvested personal data of millions of people's Facebook profiles without their consent.

UpGuard discovered that Cultura Colectiva, a digital platform featuring stories about celebrities and culture and which targets a Latin American audience, stored some 540 million records on Facebook users on public Amazon servers, including records on comments, likes and account names. There's no evidence that anyone other than the UpGuard researchers was aware of either data set, although naturally we can't know for sure.

Both the At the Pool app and its developers have also been out of operation since at least 2014 but that any users who had the same password across services and haven't changed that in the meantime may be vulnerable.

But, it users have used the same passwords on both their Facebook accounts and the third-party "At the Pool" app, they are now at risk for someone to hack their accounts.

The information included comments, reactions, likes, FB IDs and account names uploaded by media company Cultura Colectiva. "We are committed to working with the developers on our platform to protect people's data". "The password is simply no longer enough to provide a sufficient level of security in today's threat landscape".

Insane deal slashes a popular wireless charger to just $7
The Bloomberg report says that Amazon's new wireless earbuds will be available during the second half of 2019. In terms of audio quality, nothing has changed between the original AirPods and the second-generation model.

Such was not the case with the Cultura Colectiva data. The security team at UpGuard stated that they found two data breach incidents in different regions. However, the database was only secured by Facebook yesterday morning.

Many security experts are of the view that, in the light of the frequent cybersecurity lapses, Facebook does not have a clear understanding of cybersecurity. That one instance has led to government probes around the world, and threats of further regulation for the company.

Thousands of apps and websites let users log in with their Facebook credentials, and often ask to access users' Facebook interactions as a condition for doing so.

Facebook said its policies prohibit app developers from "storing information in a public database", adding in a statement Wednesday it has worked with Amazon to take them down. Up to 540 million accounts have been affected, which raises the very solid possibility that yours is one of them. UpGuard said they told Cultura Colectiva about the uprotected stash on January 10 and January 14, and told Amazon server admins on February 1 and February 21. It wasn't until Facebook contacted Amazon that the leak was addressed.

Bloomberg notified Facebook about the presence of this dataset and the company immediately removed it from Amazon's servers.

Share