Facebook user records found exposed on Amazon cloud

Share

In the wake of the Cambridge Analytica scandal, Facebook withdrew access to personal data from any third-party app that users hadn't logged in to for 90 days. Facebook shares pared their gains after the Bloomberg News report.

Another database, from an app called At the Pool, listed names, passwords and email addresses of 22,000 people, UpGuard said.

In this particular case, it comes down to third-party databases.

The second exposed database, from a Facebook-integrated app titled "At the Pool", was also found online via an Amazon S3 bucket. "We are committed to working with the developers on our platform to protect people's data". On the plus side, the data was removed from the Amazon server while UpGuard's researchers were poking around in it, and before they had a chance to notify anyone.

UpGuard's blog post didn't mention how many users may have been ensnared in the Cultura Colectiva leak.

On the other hand, when something like this happens, it is House Zuck that ends up catching the heat, even though Facebook's own staff had nothing to do with the exposure itself.

Ethiopian Airlines Boeing 737 Max Was Struck by 'Foreign Object'
It is unknown what would have kept the pilots of the Lion Air flight from disengaging the system and trimming the aircraft. They turned the system back on and tried other actions before the plane crashed, the paper said, citing anonymous sources.

Biden defends behavior with women, says he never believed he acted inappropriately
In an op-ed posted on The Cut on March 29, Flores detailed how she felt Biden get closer to her from behind at a campaign rally. A Politico report notes that Biden and those involved with his possible campaign felt surprised by Flores' account.

Missing college student from N.J. found dead in SC
It is just as personal to us and I assured them we will be with them every step of the way until (this investigation) is done". The driver ran, but was arrested after a short chase, Holbrook said. "Skip" Holbrook said during a news conference.

Facebook's woes, as far as security and user privacy are concerned, continue to grow. Facebook now offers rewards for researchers who find problems with its third-party apps.

"Facebook's policies prohibit storing Facebook information in a public database", the company said.

UpGuard found the data about the Facebook users as part of regular checks it carries out on Amazon S3 servers that have inadvertently exposed databases.

According to UpGuard, they have sent two notification e-mails to Cultura Colectiva on January 10 and January 14, and have received no response.

It looks like the 540 million records may in fact be an aggregate of all the "comments, likes, reactions, account names, Facebook IDs and more", as UpGuard described it, pertaining to every comment ever made on any Cultura Colectiva story. If the data was misused in some way is also unknown at this point. Sometimes, that information is created to be public-facing, as in the case of a cache of photos or other images stored for use on a corporate website. The company has one of the best teams of cyber-security experts, adds security-related features to user accounts and its IT infrastructure on a regular basis, and often open-sources many of its internal security tools so other companies can use them as well. But it has a wide lead in the business of selling rented data storage and computing power, putting a spotlight on Seattle-based company's practices.

Share