Another Day, Another Story About Exposed Facebook User Data

540 Mllion Facebook Records Leaked by Public Amazon S3 Buckets

Datasets from two third-party facebook apps were exposed to the public, according to cybersecurity firm UpGuard.

"Facebook's policies prohibit storing Facebook information in a public database", a company spokesman said in a statement emailed to Geek. Another backup file on a different storage server by defunct California-based app-maker At The Pool contained significantly more sensitive data, including scraped information on more than 22,000 users, for example, a user's friends lists, interests, photographs, group memberships, and check-ins.

We're talking about 540 million Facebook users with exposed information free for the taking.

The second data exposure came via a Facebook app called At the Pool.

Ping Identity's message to tech companies is simple: encrypt user data at rest and in transit; use up to date, off-the-shelf password hashing algorithms; don't write your own security code; monitor attack vectors like APIs using modern, threat-aware solutions; and control access to your services and applications using multi-factor authentication and fine-grained access control for everyone that touches them: end users, developers and system administrators.

Then in November 2017 UpGuard found "critical data" belonging to the U.S. army on virtual image of hard disk left on an AWS server, without password protection.

"Effectively, Facebook has not disclosed the full extent such access might grant, nor have they provided any indication of what data might be accessed during their verification". However, despite having been notified on January 10, it took until April 3 for the larger dataset to be secured.

Vickery said he also reached out to Cultura Colectiva to take down the data, but didn't receive a reply. "Not enough security is being put into the security side of big data", Chris Vickery, director cyber risk research at UpGuard, said. While Facebook themselves have not compromised this data, they have allowed it to be freely obtained by companies with lax security measures. In theory, anyone could have downloaded the unprotected database weighing over 146 gigabytes of text on Amazon's S3 bucket. "If they start shutting down access to data breaches, they start getting into liability a bit more". "That means the company's massive trove of data is in the hands of potentially thousands of third parties all over the world".

Unlike the 2017 Equifax breach, financial details and Social Security numbers were left out.

"The surface area for protecting the data of Facebook users is thus vast and heterogenous, and the responsibility for securing it lies with millions of app developers who have built on its platform", it added.

Related news:

Hot News

isis-killer-beheading-video-story-top Boeing responds to Ethiopian Airlines 737 Max crash findings
Apr 06, 2019 - 06:49
The March 10 incident became the second instance that the Boeing 737 MAX jet was involved in a crash within a span of five months. One source told ABC News they manually attempted to bring the nose of the plane back up by using the trim wheel.

isis-killer-beheading-video-story-top Nintendo Switch Online Adding Three New NES Games this April
Apr 06, 2019 - 06:43
Your mission is to halt a galactic invasion masterminded by Starbrain, a giant computer inhabiting a floating space station. Oddly enough the standard Nintendo Switch Joy-cons and the Pro Controller don't support this functionality.

isis-killer-beheading-video-story-top Boeing reveals further software problem in 737 MAX airplane
Apr 06, 2019 - 06:29
In a shocking move, regulators around the world grounded the 737 Max worldwide in the wake of the Ethiopian accident. Ms Stumo is the niece of consumer activist Ralph Nader, who called for a boycott of the 737 MAX on Thursday.

isis-killer-beheading-video-story-top House Chairman Asks IRS For Six Years Of Trump Taxes
Apr 06, 2019 - 03:35
Trump has long seen scrutiny of his complicated and hard to penetrate personal finances as a red line that should not be crossed. The IRS has said there are no rules preventing a person from sharing tax information while they are being audited.

isis-killer-beheading-video-story-top Joe Biden: 'I'm not sorry'
Apr 06, 2019 - 03:00
I'm going to tell you now: "President Trump could win re-election if we don't nominate the right candidate". The promise did not satisfy critics who demand an apology.

isis-killer-beheading-video-story-top National Burrito Day 2019: Deals, discounts from Chipotle, Moe's, more
Apr 05, 2019 - 06:25
Scroll through to see all the deals we've found so far, and keep checking back on April 4 to see if any more pop up. Check out these tortilla print blankets that wrap you up into a human burrito-a.k.a. everything you've ever wanted.

isis-killer-beheading-video-story-top UK govt, Labour meet over Brexit plan
Apr 05, 2019 - 06:07
Backbench Labour MPs have warned Jeremy Corbyn not to include a second Brexit referendum in any compromise deal with Theresa May. He added that the Labour leader was "also extremely risky on security matters".

isis-killer-beheading-video-story-top Chicago to sue Smollett after he refuses to pay
Apr 05, 2019 - 05:46
Appearing Wednesday on MSNBC, Lightfoot, a former prosecutor, said the Empire actor must be held accountable for any wrongdoing. Lori Lightfoot will be sworn in as mayor of Chicago on May 20, and could reverse any legal action her predecessor is taking.

isis-killer-beheading-video-story-top O'Rourke & Sanders: Opposites chasing young voters
Apr 05, 2019 - 05:42
Sanders touts that he's held zero traditional fundraisers and has an average donation of $20 - less than 1% of the $2800 maximum. Shakir reported that 88% of the total came from donations of $200 or less and that 99.5% of donations were for $100 or less.

isis-killer-beheading-video-story-top United States crude oil refinery inputs increase last week
Apr 04, 2019 - 05:57
As for Brent crude, the global benchmark, the price continues to edge towards the psychologically important $70/barrel level. The OPEC+ agreement to reduce oil output by 1.2 million barrels a day expires at the end of June.

isis-killer-beheading-video-story-top No-deal Brexit a real possibility, Dutch PM says
Apr 04, 2019 - 05:48
The leader of the left-of-center Labour Party says "we recognize that she has made a move" and is willing to hold talks with May. I think we both want to protect jobs. "Any plan would have to agree the current withdrawal agreement".

isis-killer-beheading-video-story-top Lightfoot will be Chicago's 1st black female mayor
Apr 04, 2019 - 05:43
But less than one out of five murders were solved in Chicago in the first half of 2018, according to local media. Lightfoot will become Chicago's first openly gay mayor and the first African American woman to hold the post.

isis-killer-beheading-video-story-top Real Madrid to start new Bernabeu stadium this summer
Apr 04, 2019 - 05:43
The people who know me know that Luca is here on his own merits. "I can't imagine Real Madrid without Varane and I don't want to, ' the coach added".

isis-killer-beheading-video-story-top Soon, schedule your mails: Gmail announces new features on 15th anniversary
Apr 03, 2019 - 06:41
However, long time Gmail users might find the new interface a tad daunting because there's just so many options and features here. As of today, Smart Compose is being made available in four new languages - French, Italian, Spanish and Portuguese.

isis-killer-beheading-video-story-top EU Cannot Be 'held Hostage' to Brexit Crisis: Macron
Apr 03, 2019 - 06:34
The UK parliament has three times rejected her divorce deal with the EU. He added: "Any extension must have a clear goal and a clear plan".