Just What We Needed; Another Facebook Data Leak

54shares

It increasingly looks like history repeating itself and the moral of the story falling in deaf ears… again!

Just what the world needed right now, another Facebook data leak, this time on Amazon servers. Researchers at UpGuard, a cybersecurity firm, have discovered heaps of unprotected Facebook user data – millions of them. The data discovered contains sensitive information such as names, passwords, comments, interest and likes.

It’s not only that Facebook has been sharing data with third-parties, most of the times without its users knowing or even authorizing. It’s also the fact that these third parties have not been keeping a minimum apparatus of security to ensure that no sensitive information would be exposed.

It’s not only that Facebook has been sharing data with third-parties. It’s also the fact that these third parties have not been keeping a minimum security apparatus.

Click To Tweet

Yes, we know what we signed up for. However, behind the let’s-hold-hands-and-sing-kumbaya mantra of its CEO, it’s increasingly likely that Facebook has also been feeding very sensitive information straight to potentially bad actors. All that without any official or rigorus oversight whatsoever. We simply cannot be sure where all that data is being stored or how it’s being stored.

Wired reports that, according to UpGuard, one of the exposed databases belonged to a Mexican company called Cultura Colectiva, which used Amazon cloud services to store some 146 gigabytes of data, including 540 million different records. The other database belongs to an app called At the Pool, which contained plaintext user passwords for 22,000 users.

Facebook is only reacting to exposés, rather than proactively auditing its third party affiliations. Will this be the last hole security analysts poke in Facebook’s quest for new-found privacy?

Click To Tweet

In the past couple of years, and especially after the Cambridge Analytica scandal broke out, Facebook has shut down access to hundreds of apps that would exploit its users data. However, the damage has already been done and it looks like Facebook is merely reacting to exposés, rather than proactively auditing its third party affiliations. Will this be the last hole security analysts poke in Facebook’s quest for new-found privacy?