More than 540 million Facebook records exposed once again

More than 540 million Facebook records exposed once again

The compromised data was stored on Amazon's public cloud servers by the Mexico-based media company Cultura Colectiva, one of Facebook's partners, said UpGuard.

Upon contact, a spokesperson of Facebook clarifies that they are working alongside the relevant agencies to protect user's data from app developers and have taken down the information from the Amazon database when alerted of the issue.

When reached out by media, Facebook responded by saying, "Facebook's policies prohibit storing Facebook information in a public database".

The data included confidential information related to Facebook users' passwords, comments, account names, "likes" and recent activities.

"This should offer little consolation to the app's end users whose names, passwords, email addresses, Facebook IDs, and other details were openly exposed for an unknown period of time", UpGuard said.

Cultura Colectiva was quoted by Reuters as saying in a statement that all of its Facebook records came from user interactions with its three pages on Facebook and is the same information publicly accessible to anyone browsing those pages. It is, however, worth mentioning that just last week it was revealed that Facebook not only stored 600 million users' passwords in plain text on its servers but also exposed it to over 20,000 employees.




"A separate backup from a Facebook-integrated app titled "At the Pool" was also found exposed to the public internet via an Amazon S3 bucket", it added. Once the data was out of Facebook's hands developers could use it how they wanted.

The slow-footed response underscores a dilemma faced by businesses like Amazon Web Services, which along with cloud computing behemoths Microsoft Corp. and Alphabet Inc.'s Google, generate billions of dollars in revenue by providing storage and other computing services via remote data centers.

Allegedly, Facebook wasn't aware of this until a Bloomberg representative notified the tech giant about the data breach earlier this week, according to TechCrunch.

Facebook this week managed to make the news again in connection with multiple data protection fiasco's. "Not enough security is being put into the security side of big data", Chris Vickery, director cyber risk research at UpGuard, said.

'The surface area for protecting the data of Facebook users is thus vast and heterogenous, and the responsibility for securing it lies with millions of app developers who have built on its platform'. There were over 540 million individual records of personal data.

This is a serious security lapse on the part of Facebook. Facebook said there is no proof yet to demonstrate the data has been misused, however, that it was investigating.

Related Articles