• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Millions of Facebook Records Exposed on Amazon Cloud Servers

CyberPanda

CyberPanda

Banned
https://www.macrumors.com/2019/04/03/facebook-records-exposed-on-amazon-cloud-servers/

Millions of Facebook records were found on publicly accessible Amazon's cloud servers by researchers at UpGuard, a cybersecurity firm, reports Bloomberg. The data was uploaded by third-party companies that work with Facebook.

Mexico City-based media company Cultura Colectiva, for example, was storing 540 million records on Facebook users on Amazon's servers, offering up information that included identification numbers, comments, reactions, and account names.

facebooksecurity-800x499.jpg

A now-defunct app called At the Pool shared sensitive data like names and email addresses for 22,000 Facebook users.

Facebook did not leak this data, but it did provide the data to the third-party companies that went on to improperly store it with no oversight from Facebook. For years, Facebook provided extensive customer information to advertisers and partners, and while the company has since cracked down on the amount of data it shares, the previously obtained information is still widely available.

"The public doesn't realize yet that these high-level systems administrators and developers, the people that are custodians of this data, they are being either risky or lazy or cutting corners," said Chris Vickery, director of cyber risk research at UpGuard. "Not enough care is being put into the security side of big data."​
Facebook's prior data sharing habits allowed any app on the site to obtain information from the people using the app and their friends in many cases, which led to the scandal that saw Cambridge Analytica illicitly using personal data acquired from Facebook to create targeted political advertisements in the 2016 election.

Facebook has since modified its privacy policies and has cut down on the access that apps have. Facebook has also suspended hundreds of apps and began audits to make sure data isn't being mishandled.

In response to the public Facebook data found by UpGuard, a Facebook spokesperson told Bloombergthat its policies prohibit the storing of Facebook information in a public database, though there is apparently little oversight from Facebook. Facebook did work with Amazon to take down the databases that were sharing data publicly after UpGuard's discovery.
Click to expand...
 
Last edited:
TimFL

TimFL

Member
I don‘t really see how this is news. Yeah it sucks but what should facebook do about it? You can‘t stop stupid devs from breaking ToS, you can only punish them by revoking their app permissions but the damage is already done then.

It‘s like having a doctor leak damaging information about the patients of your hospital to the public or 3rd party. You can sue and ruin them but the damage is already done, no ToS or privacy agreement can stop stupid or malicious behavior (yet this will once again fill my news feed app for weeks to come).

People on facebook know what they sign up for when they give consent to using an app or service on there. It‘s written out in plain english.
 
mekes

mekes

Member
I was hacked for a few take away food deliveries on deliveroo hours after merging my deliveroo to my Facebook account last week. Makes me dislike Facebook even more as I do suspect that’s where the problem is.
 
Shifty

Shifty

Member
Rag-tag startups given access to sensitive data, too busy rushing their product to market to do due diligence around security.

Sounds pretty normal. Lack of ethical responsibility happens way often when time and money take priority.
 
Last edited:
Trojita

Trojita

Rapid Response Threadmaker
TimFL said:
I don‘t really see how this is news. Yeah it sucks but what should facebook do about it? You can‘t stop stupid devs from breaking ToS, you can only punish them by revoking their app permissions but the damage is already done then.

It‘s like having a doctor leak damaging information about the patients of your hospital to the public or 3rd party. You can sue and ruin them but the damage is already done, no ToS or privacy agreement can stop stupid or malicious behavior (yet this will once again fill my news feed app for weeks to come).

People on facebook know what they sign up for when they give consent to using an app or service on there. It‘s written out in plain english.
Click to expand...
Facebook provided extensive customer information to advertisers and partners, and while the company has since cracked down on the amount of data it shares, the previously obtained information is still widely available.
Click to expand...

Not sharing sensitive shit as wide as you can to get as much money as you can.

HIPAA is the law to prevent leaks like you mentioned and you can be sure as shit that hospitals take it seriously.
 
Rentahamster

Rentahamster

Rodent Whores
Even though everything I've shared on Facebook was a lie, they still have ways of extracting useful information out of you for advertising purposes, browsing history, search history, targeted keywords. It's impressive and creepy all at the same time.
 
You must log in or register to reply here.

Similar threads

GAF, Don't forget to get your Zuck Bucks™ - Facebook User Privacy Settlement Claim available
Social
19
2K
Kilau replied
Pico Takes On Meta in Battle for Virtual-Reality Market
Business Analysis VR
1
673
ZiZ replied
Bobby Kotick, former CEO of Activision, Interested in Buying Tik-Tok
2 3
143
7K
Gameplay Gods Bless replied
Nvidia reports record earnings, profits on growth in AI and gaming
Business Analysis Hardware 2
68
4K
FStubbs replied
FTC Will Require Microsoft to Pay $20 million over Charges it Illegally Collected Personal Information from Children without Their Parents’ Consent
News 2
66
8K
ergem replied
Top Bottom