Cybersecurity researchers on Wednesday said that they discovered hundreds of millions of Facebook user documents vulnerable publicly online.
Upguard, a cybersecurity company, in a report discovered two third-party Facebook program makers had accidentally exposed data collections comprising troves of Facebook users’ private details on Amazon cloud calculating solutions.
The information contained details such as Facebook users’ opinions, names, and likes. The data was gathered by the third party Facebook programs and saved on Amazon’s cloud.
“Facebook’s policies prohibit storing Facebook information in a public database,” a Facebook spokesperson told The Hill. “Once alerted to the issue, we worked with Amazon to take down the databases.”
“We are committed to working with the developers on our platform to protect people’s data,” the spokesperson added.
Mexico-based firm Cultura Colectiva abandoned 540 million recordings vulnerable on Amazon’s cloud with no password, according to the investigators, and program manufacturer in The Pool left info about 22,000 Facebook users vulnerable, such as their own passwords.
The investigators said those passwords seem to be for The Pool’s program, but a lot of users use the identical password for multiple accounts.
The public data sets include information on “Facebook users, describing their interests, relationships, and interactions, that were available to third-party developers” who made apps for Facebook. The findings were reported by Bloomberg News.
The most recent privacy violation comes a bit more than a year following revelations which Cambridge Analytica, a conservative public relations firm, acquired information on hundreds of millions of Facebook users by a researcher who gathered the data through a third party program on the stage.
Additionally, it comes weeks following Facebook declared that, for decades, “hundreds of millions” of users’ passwords were saved in benign plain text reachable from the organization’s employees.
Facebook has been facing intense pressure and scrutiny over its privacy practices, as critics accuse the business of failing to properly protect users’ data.