Facebook App Developers Upload Millions of User Records to the Cloud, Users’ Info Exposed

Many apps use cloud storage to keep their data. Not only does the cloud offer a seemingly infinite amount of storage, but it also provides a convenient alternative to having your data stored in countless hard drives and computers locally, not to mention that the physical option is incredibly expensive. However, as with everything online, the cloud isn’t perfectly safe. In fact, there are multiple instances that cloud servers have been hacked. However, for the case of Facebook, a simple lapse in judgment led to millions of user data to be leaked.

According to UpGuard researchers, Facebook app developers allowed millions of user records to be exposed to public, visible cloud servers. This mishap made user data prone to multiple entities trying to copy and use it for their personal gain.

The researchers expressed that the larger of the two data sets originated from called Cultura Colectiva, a Mexican media company. The 146GB data set contained information like Facebook user activity, account names, and IDs. It was discovered that it included more than 540 million records, according to the researchers. A similar data set was also found for an app called “At the Pool.” Although this data set was relatively smaller, it still included rather personal information, including 22,000 passwords apparently used for the app.

540 million records. That was the amount of data that was easily accessible, all because of a mishap from Facebook headquarters. That amount of data belongs to millions of users, putting them at huge risk. It is still unclear how long the data was publicly available, or who may have possibly acquired it from the servers. The data sets in question were both found on Amazon cloud servers. According to sources, the data was immediately removed as soon as Facebook was made aware of its existence. However, it still cannot be assured that no one accessed the data before it was pulled from the servers.

A Facebook spokesperson asserted that Facebook’s policies prohibit storing Facebook information in a public database. According to him, Facebook worked with Amazon to take down the databases as soon as they were alerted. Developers and programmers are being tasked to working with the developers on Facebook’s platform in order to protect people’s data.

Public’s response

Facebook has been facing intense criticism over how it has been sharing user data with third parties. The most popular instance was when the political data company, Cambridge Analytica, harvested information on users through a seemingly harmless quiz app. Facebook has since minimized and cut down the number of apps which have access to user data.

For this particular case, the data seems to have been made available by mistake. However, the problem still raises questions about where user information has traveled since it was collected by Facebook apps. It has been known that multiple applications use Facebook’s systems in some form or another. This means that the data that people input in those applications are also being given to Facebook. After this mishap, users fear that other, more important aspects of their personal information may be floating around in the cloud, just waiting for someone to access it.

This is not the first time Facebook has been involved in an issue concerning the data of users. In the past month, there have been reports about third-party applications sending users’ personal information to Facebook, even if the users did not have a Facebook account. This led to a negative response from the community, obliging the third-party applications to update and remove the feature that allows Facebook to gather their data. While some applications like Spotify have removed this part of their app, major applications that send users’ information to the social media giant still exist on the market.

In this time of technology, it is incredibly easy for individuals to take your information and impersonate you. Worse, depending on the type of information they have, they can even access your finances and use it for your benefit. Given that Facebook has millions upon millions of users that input their personal data, it might be a good idea for the company to have a tighter hold on the data they gather.

Add comment

Security code