1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Over 500 million Facebook user records discovered on public Amazon servers

By midian182 · 6 replies
Apr 4, 2019
Post New Reply
  1. Researchers at security firm UpGuard discovered the two sets of data on Amazon’s S3 storage servers without passwords, meaning anyone could access the files.

    The largest of the two datasets came from Mexican media company Cultura Colectiva. 146GB in size, its 540 million records included details of users’ Facebook comments, likes, reactions, account names, IDs and more.

    A separate database for a defunct Facebook-integrated app called “At the pool” was also found. While this was much smaller, containing information on 22,000 users, it contained more sensitive information, including friends lists, interests, photos, group memberships and check-ins. There were also passwords stored in plaintext, though these were for the app itself, rather than Facebook.

    There’s no indication of how long the data was exposed, or if anyone downloaded it. UpGuard notified Cultura Colectiva twice about the exposed database in January, but the company never responded. It was only removed after Bloomberg, which first reported the story, contacted Facebook. At the Pool’s data was taken offline during the investigation.

    While the datasets came from third parties, the discovery will still shine a light on how Facebook allows these firms to access user data and the way it is stored. The incident has brought back memories of the Cambridge Analytica scandal, in which 87 million Facebook users' records were extracted without their consent.

    “The data exposed in each of these sets would not exist without Facebook, yet these data sets are no longer under Facebook’s control,” the UpGuard researchers wrote. “In each case, the Facebook platform facilitated the collection of data about individuals and its transfer to third parties, who became responsible for its security.”

    Responding to the discovery, a spokesperson said: “Facebook’s policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people’s data.”

    Permalink to story.

     
    Last edited by a moderator: Apr 4, 2019
  2. Cycloid Torus

    Cycloid Torus Stone age computing - click on the rock below.. Posts: 4,111   +1,213

    Facebook motto, "Close the barn door before it happens again....again...er, ah, again."
     
    Impudicus and JaredTheDragon like this.
  3. QuantumPhysics

    QuantumPhysics TS Evangelist Posts: 1,389   +1,020

    When you try to go to a website and it asks me to "Sign in with Facebook"...
     
  4. erickmendes

    erickmendes TS Evangelist Posts: 575   +247

    Thankfully I deleted my Facebook account a while ago, so I can at least sue Facebook if my data leaks afterwards. (as they are supposed to dispose my data after I remove my account).
     
  5. Uncle Al

    Uncle Al TS Evangelist Posts: 5,536   +3,915

    You know, I'd like the see the most private and personal information of every member of Congress, The Executive Branch, The Joint Chiefs, and the Supreme Court members leaked in a large open public forum ..... they let's see how quickly they close down a few of these overblown, irresponsible companies ....... assuming of course that the Joint Chiefs doesn't nuke 'em first ..... LOL
     
    ghostf1re likes this.
  6. Impudicus

    Impudicus TS Addict Posts: 149   +116

    "We are committed to working with the developers on our platform to protect people’s data.” Then they'll just to sell it to just about anyone if they "promise" to keep it safe.
     
  7. lexster

    lexster TS Guru Posts: 556   +272

    And people wonder why facebook is hemorrhaging users.
     

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...