Definitively I can tell you that this is an awful period for Facebook and its users.
We first read about an embarrassing incident involving the social network giant that asked some newly-registered users to provide the passwords to their email accounts to confirm their identity
News of the day is related to a data
The huge trove of data was amassed and stored online on unprotected cloud servers by third-party Facebook app developers.
UpGuard experts discovered two datasets exposed online, one belonging to a Mexican media company called Cultura Colectiva and another from a Facebook-integrated app called “At the pool.”
“A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public internet via an Amazon S3 bucket.”
The archive managed by Cultura Colectiva contains more than 146 GB of data related to over 540 million Facebook user records, it included comments, likes, reactions, account names, Facebook user IDs, and more.
The second archive managed by “At the Pool” app contains information about users’ friends, likes, groups, and checked-in locations, as well as names, plaintext passwords for “At the Pool” accounts, and email addresses for 22,000 people.
Both datasets were stored in unsecured Amazon S3 buckets,
Facebook faced several times severe scrutiny for its practice of sharing its users’ data with third-party companies.
These two datasets demonstrate that even if the company is spending an important effort to reduce third-party access, some data are difficult to track and to control.
“But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users
“Combine that plenitude of personal data with storage technologies that are often misconfigured for public access, and the result is a long tail of data about Facebook users that continues to leak.”
The availability of this data online poses serious risks to impacted users, threat actors that that eventually had accessed them, could use the information to carry out several malicious activities.
“These two situations speak to the inherent problem of mass information collection: the data doesn’t naturally go away, and a derelict storage location may or may not be given the attention it requires.” concludes the company.