Another day and another Facebook data breach, this time it has been discovered that millions of Facebook records have been stored publicly on Amazon’s cloud servers.
The latest breach was discovered by security research firm UpGuard. These records could be accessed by anyone, posing a significant risk to user privacy and data security.
The UpGuard Cyber Risk team can now report that two more third-party developed Facebook app datasets have been found exposed to the public internet. One, originating from the Mexico-based media company Cultura Colectiva, weighs in at 146 gigabytes and contains over 540 million records detailing comments, likes, reactions, account names, FB IDs and more. This same type of collection, in similarly concentrated form, has been cause for concern in the recent past, given the potential uses of such data.
Details of the Breach
The exposed datasets were found on Amazon Web Services (AWS) servers, which are commonly used for cloud storage by companies worldwide. The first dataset, from Cultura Colectiva, included a staggering 146 gigabytes of data. This dataset contained over 540 million records, including sensitive information such as comments, likes, reactions, account names, and Facebook IDs. Such detailed collections of data can be particularly dangerous as they can be used for various malicious purposes, including identity theft, phishing attacks, and unauthorized data mining.
The second dataset was linked to a Facebook-integrated app called “At the Pool.” Although smaller in size, this dataset contained plaintext passwords for 22,000 users, which is alarming given the potential for these passwords to be reused across multiple sites and services.
Implications and Concerns
The implications of this data breach are far-reaching. With such a vast amount of user data exposed, the potential for misuse is high. Cybercriminals can exploit this information to create highly targeted phishing campaigns, manipulate social media interactions, or even steal identities. The breach also raises questions about the security practices of third-party developers who have access to Facebook’s user data.
Moreover, this incident highlights the ongoing challenges Facebook faces in securing user data. Despite previous breaches and promises to improve security measures, the recurrence of such incidents suggests that more stringent oversight and robust security protocols are needed. Users are increasingly concerned about their privacy and the safety of their personal information, and incidents like this only serve to erode trust in the platform.
As yet, there is no official statement from Facebook on their latest data breach. The company has faced numerous data privacy issues in the past, including the infamous Cambridge Analytica scandal, which involved the unauthorized harvesting of data from millions of Facebook profiles. Each new breach adds to the growing scrutiny and regulatory pressure on Facebook to enhance its data protection measures.
In response to these breaches, it is crucial for users to take proactive steps to protect their data. This includes regularly updating passwords, enabling two-factor authentication, and being cautious about the information shared on social media platforms. Additionally, users should be aware of the permissions granted to third-party apps and periodically review and revoke access to those that are no longer in use.
As soon as we get more information, we will let you guys know.
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
