Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Thursday April 04 2019, @07:23AM   Printer-friendly
from the do-they-sing-well? dept.

Researchers Find 540 Million Facebook User Records on Exposed Servers :

Security researchers have found hundreds of millions of Facebook user records sitting on an inadvertently public storage server.

The two batches of user records were collected and exposed from two third-party companies, according to researchers at security firm UpGuard, who found the data.

In the researchers' write-up, Mexico-based digital media company Cultura Colectiva left more than 540 million records — including comments, likes, reactions, account names and more — stored on the Amazon S3 storage server without a password, allowing anyone to access the data. Another backup file on a separate storage server by defunct California-based app maker At The Pool contained even more sensitive data, including scraped information on more than 22,000 users, such as a user's friends lists, interests, photos, group memberships and check-ins.

According to UpGuard, neither company responded to requests to have the data removed. Facebook contacted Amazon to pull the data offline, a Facebook spokesperson told TechCrunch.

"Facebook's policies prohibit storing Facebook information in a public database," said the spokesperson. Facebook said there is no evidence yet to show the data has been misused but that it was investigating.

[...] "Storing personal information collected from end users is a liability," said [director of cyber risk research at UpGuard, Chris] Vickery. "The more you have, the greater that liability becomes."

At what point will we see Facebook actually take protection of user's info seriously?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by bradley13 on Thursday April 04 2019, @08:59AM (2 children)

    by bradley13 (3053) on Thursday April 04 2019, @08:59AM (#824402) Homepage Journal

    One of the few really good things the EU parliament has done. If European users are affected, the companies can face massive fines over carelessness like this.

    If you take privacy seriously, then you need laws like the GDPR that allow people to control what is done with their data, and that have serious penalties for abuse or carelessness.

    --
    Everyone is somebody else's weirdo.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 3, Interesting) by c0lo on Thursday April 04 2019, @10:33AM

    by c0lo (156) Subscriber Badge on Thursday April 04 2019, @10:33AM (#824413) Journal

    If European users are affected, the companies can face massive fines over carelessness like this.

    Question is: will they?
    540M records - some are bound to belong to Europeans.

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
  • (Score: 2, Insightful) by Anonymous Coward on Thursday April 04 2019, @06:21PM

    by Anonymous Coward on Thursday April 04 2019, @06:21PM (#824626)

    Which company faces the fine? Neither DB 'belonged" to facebook directly, and it seems both of the companies involved no longer exist. It would be interesting if amazon were somehow found liable as well - though the implications of that would just about kill the internet.