Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
540 million Facebook user data points leaked by third parties
#1
Quote:Over 540 million Facebook user data records were compromised after third-party apps and sites stored the data on unsecured servers. The huge breach comes after numerous promises by Facebook to boost security, and it may prove to be one of the most dangerous yet. Find out why.

Two third-party Facebook app developers – Mexico-based Cultura Colectiva and an app called At The Pool – stored a total of about 540 million Facebook user data entries on unsecured Amazon Web Services (AWS) servers.

The data stored by Cultura Colectiva included more than 540 million “comments, likes, reactions, account names, FB IDs and more” from Facebook users. This data may seem innocuous, but a hacker or scammer could use it to defraud thousands of users.

Far less data was stored by At The Pool, but their data may have been more dangerous. In addition to their names, email addresses, and other Facebook data, the data included 22,000 plaintext passwords. The researchers assume that these passwords were used for the app, not Facebook. However, anyone using the same password for their other accounts would be at high risk.

At The Pool’s website has apparently been defunct since 2014. It is therefore likely that the data has been left unsecured at least since then.

The cherry on top: UpGuard, the cybersecurity firm that found and reported the breach, said that even closing the breach was an ordeal. One would hope that companies would respond quickly to protect their users’ data, but this was not the case. Here’s a timeline:

“[O]ur first notification email went out to Cultura Colectiva on January 10th, 2019. The second email to them went out on January 14th. To this day there has been no response.”

“[W]e then notified Amazon Web Services of the situation on January 28th. AWS sent a response on February 1st informing us that the bucket’s owner was made aware of the exposure.”

“When February 21st rolled around and the data was still not secured, we again sent an email to Amazon Web Services.”

“It was not until the morning of April 3rd, 2019, after Facebook was contacted by Bloomberg for comment, that the database backup […] was finally secured.”


Quote:How to protect yourself

Unfortunately, you have little to no control over how your data is used and stored once you give it away. The trick is to reduce your data footprint.

Don’t use third-party Facebook apps. These apps collect data on Facebook and deliver it to third parties who may not be secure. If you don’t want your private data showing up on unsecured servers, don’t use any third-party apps on Facebook.

Don’t use Facebook. This is a tough ask for many users, but the arguments for leaving Facebook are growing. With more and more data breaches and suspicious activities coming to light every month, more people are questioning whether this free service is worth it.

Reduce your Facebook activity levels. The less time you spend on Facebook and the less you do on their platform, the less they know about you. When creating or editing your account, don’t provide them with any more data than they need to provide their service.

More info HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Over 10 Million Facebook Users Hacked in Ongoing Phishing Scam mrtrout 2 1,013 05-29-2023 , 03:41 PM
Last Post: Kai Brooks
  Leaked data in very recent weeks-Twitter WhatsApp Facebook LinkedIn vietnamrum 0 518 11-28-2022 , 02:56 PM
Last Post: vietnamrum
  TikTok denies security breach after hackers leak user data, source code tarekma7 0 1,880 09-06-2022 , 10:19 AM
Last Post: tarekma7
  Hacker group claims to steal 3 million users’ data from Israeli hiking websites mrtrout 0 998 01-22-2022 , 11:03 PM
Last Post: mrtrout
  Audi, Volkswagen data breach affects 3.3 million customers mrtrout 0 691 06-12-2021 , 11:26 PM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)