Researchers find more cases of Facebook app data exposure

SAN FRANCISCO, Calif. — Security researchers have uncovered more instances of Facebook user data being publicly exposed on the internet, further underscoring its struggles as it deals with a slew of privacy and other problems.

The researchers from the firm UpGuard said in a blog post Wednesday that the data, which included user names and passwords, came from two different Facebook apps that stored their data publicly on Amazon’s cloud services. Facebook said the databases have been taken down.

But the episode illustrates Facebook’s issues with controlling its users’ data, especially once it is in the hands of third-party developers.

The databases were from a Mexico-based media company called Cultura Colectiva, which included more than 540 million records — like user comments and likes — and from an app called At the Pool. The researchers said passwords stored for At the Pool were “presumably” for the app and not for Facebook. Still, storing them publicly could put people at risk if they used the same passwords across different accounts.

While the At the Pool data collection was not as large as that for Cultura Colectiva, UpGuard said it included plain text passwords for 22,000 users. The app itself shut down in 2014, and UpGuard said it is not known how long the user details were exposed.

The discovery comes a little over a year after Facebook’s Cambridge Analytica scandal , in which the data mining firm affiliated with Donald Trump got personal data on millions of Facebook users.

“As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third party access. But as these exposures show, the data genie cannot be put back in the bottle,” UpGuard wrote in its blog post. “Data about Facebook users has been spread far beyond the bounds of what Facebook can control today.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.