Facebook's lack of 'privacy' scrutiny leaves millions of user's data exposed on public servers

According to a report by security firm UpGuard, more than 500 million Facebook users had their personal data exposed on the public servers of Amazon by app developers. Researchers at UpGuard revealed their findings on Bloomberg and claimed that third-party app developers took hold of sensitive user’s information that included their likes, comments, photos, events, interests, FB IDs, check-ins, and even data regarding their friends.

The majority of records – around 540 million users’ data – was compromised by Cultura Cultive – a digital media company, based on Mexico. The company clarified its stance in a tweet that "All the data we obtain from [our] fan pages that we manage as a digital means of communication, is public, non-sensitive and is information that any Facebook user can see." Adding further, "We are aware of the uses that data can currently have, so we have reinforced our security measures to protect the data and privacy of the users of our fanpages on Facebook."

The second batch of leaked user data was significantly smaller and contained records of 22,000 users. These were uploaded publicly a Facebook-integrated app called “At the Pool” that shut down in 2014.

The findings by UpGuard highlight Facebook’s lack of measures to protect the user’s data that led app developers to make people’s sensitive information public all over the internet - without consent or knowledge.

Of course, now with the Cambridge Analytica scandal looming on its head, – the tech giant is making some amendments to secure users data – but as they say ‘the damage has been done.’
UpGuard, in its blog post also claims that Facebook cannot mitigate the extent of the damage as it has spread far beyond its controls.

Upon contact, a spokesperson of Facebook clarifies that they are working alongside the relevant agencies to protect user’s data from app developers and have taken down the information from the Amazon database when alerted of the issue.

Losing Face: Two More Cases of Third-Party Facebook App Data Exposure

Read Next: Facebook And Instagram Stored Millions Of Passwords In Plain Text Format
Previous Post Next Post