Records of 540 Million People on Facebook Compromised by 3rd Party Devs

Facebook is clearly struggling big time with protecting its user data over the past few years and is losing its credibility with every scandal that resurfaces. This is the second user data privacy issue this week. Makes us wonder, what is Facebook even doing to protect user privacy?

You will be familiar with the phrase, “sign up using Facebook” or “sign in using Facebook”. Facebook lets third-party applications access user information for easy sign-ins, we don’t mind that, but we certainly mind how every now and then our data is made public due to one reason or another.

Recently, hundreds of millions of users’ data was found on the Amazon Cloud that was publicly downloadable. This included around 22,000 passwords and comments, likes as well as recent activity. A total of 146 GB data was made public which included 540 million records. The data was stored on the Amazon cloud by two third-party Facebook app developers in a way that allowed it to be publicly accessible. These statistics are based on a report from UpGuard, a cybersecurity firm.

In the wake of this situation, a Facebook spokesperson has said that it is illegal for third-party applications to store data on a public domain. I am sorry to say, but just making the rules is not enough, implementing them is just as important. This case only shows how incompetent Facebook is becoming and how difficult it is for the company to handle large amounts of user data.

According to Chris Vickery the director cyber risk of UpGuard,

Facebook has no way of guaranteeing the safe storage of the data of their end users if they are going to allow app developers to harvest it in mass.

Facebook has also made some ‘unreliable’ remarks like the data was harvested for academic use and later transferred to the third-party applications etc. but there is no excuse for a company as big as Facebook.

  • close