In the latest privacy blow for Facebook, the information of up to 540 million users — including passwords, comments, likes, and Facebook IDs — were left by app developers on publicly visible Amazon cloud servers. That’s according to a report from the security firm UpGuard, which initially discovered the two datasets of Facebook user information.
Though the information on the servers was eventually removed once Facebook was contacted, it is not known how long the data was available to the public — or who may have accessed it. According to UpGuard, there are two specific data sets that contained user information. One set which comes from the Mexican media company, Cultra Collectiva, weighed in at 146GB and contained the personal information of 540 million Facebook users. The second data set, which traces back to a
“The data sets vary in when they were last updated, the data points present, and the number of unique individuals in each. What ties them together is that they both contain data about Facebook users, describing their interests, relationships, and interactions, that were available to third-party developers,” UpGuard said.
Facebook and Amazon worked to take down databases, but not before the damage was done. “Facebook’s policies prohibit storing
Though there remains the possibility that these app developers could have inadvertently placed the information on public servers, it serves as a reminder that Facebook data is not always private. Previously, in December 2018, an API bug exposed the private photos of up to 6.8 million
- Personal data of 69 million Neopets users is now up for sale after a data breach
- Facebook’s Messenger and WhatsApp saw record usage on New Year’s Eve
- Hackers are trying to sell a haul of more than 73 million user records
- Facebook’s latest experimental app lets you document your hobbies
- WhatsApp follows Facebook and YouTube to over 2 billion monthly users