Million Facebook User Records Exposed Online, Plus Passwords, Comments, and More


Last year, the company had come under fire following revelations that Cambridge Analytica had harvested personal data of millions of people's Facebook profiles without their consent.

UpGuard discovered that Cultura Colectiva, a digital platform featuring stories about celebrities and culture and which targets a Latin American audience, stored some 540 million records on Facebook users on public Amazon servers, including records on comments, likes and account names. There's no evidence that anyone other than the UpGuard researchers was aware of either data set, although naturally we can't know for sure.

Both the At the Pool app and its developers have also been out of operation since at least 2014 but that any users who had the same password across services and haven't changed that in the meantime may be vulnerable.

But, it users have used the same passwords on both their Facebook accounts and the third-party "At the Pool" app, they are now at risk for someone to hack their accounts.

The information included comments, reactions, likes, FB IDs and account names uploaded by media company Cultura Colectiva. "We are committed to working with the developers on our platform to protect people's data". "The password is simply no longer enough to provide a sufficient level of security in today's threat landscape".

Migrant arrests surge at U.S.-Mexico border
His latest threat had workers and students who frequently cross the border anxious about the potential disruption to their lives. Mexico is the largest importer of U.S. exports of refined fuels like diesel and gasoline, some of which moves by rail.

Such was not the case with the Cultura Colectiva data. The security team at UpGuard stated that they found two data breach incidents in different regions. However, the database was only secured by Facebook yesterday morning.

Many security experts are of the view that, in the light of the frequent cybersecurity lapses, Facebook does not have a clear understanding of cybersecurity. That one instance has led to government probes around the world, and threats of further regulation for the company.

Thousands of apps and websites let users log in with their Facebook credentials, and often ask to access users' Facebook interactions as a condition for doing so.

Facebook said its policies prohibit app developers from "storing information in a public database", adding in a statement Wednesday it has worked with Amazon to take them down. Up to 540 million accounts have been affected, which raises the very solid possibility that yours is one of them. UpGuard said they told Cultura Colectiva about the uprotected stash on January 10 and January 14, and told Amazon server admins on February 1 and February 21. It wasn't until Facebook contacted Amazon that the leak was addressed.

Bloomberg notified Facebook about the presence of this dataset and the company immediately removed it from Amazon's servers.