Latest in Gear

Image credit: Engadget

Cambridge Analytica might have accessed private Facebook messages (updated)

1,500 people gave permission, but that could affect many more users.
443 Shares
Share
Tweet
Share
Save

Sponsored Links

Engadget

Facebook just began notifying people if their information was accessed by Cambridge Analytica yesterday. Soon after, the social media company created a Help Center page that you can check to see if you were one of the affected members who logged into quiz app This Is Your Digital Life. Apparently, doing so not only shared your News Feed, timeline and posts, but also your private messages.

Facebook confirmed to Wired that the app used a read_mailbox permission, which, unlike other sensitive permissions that Facebook phased out in April of 2015, didn't fully deprecate until October of that same year.

Wired reports that while users would have needed to give their permission for the app (and hence Cambridge Analytica) to access their message inboxes, the request would have likely been hidden in with a bunch of other permission requests, which users may have missed when "agreeing" to share their data. Facebook says that a total of 1,500 people gave This Is Your Digital Life permission, though the total of actual users affected is unknown. The problem goes beyond those that granted permission to share; if you in some way messaged with any of those users, you might be also impacted.

Update 4/10/18 2:26 PM ET: Cambridge Analytica tweeted that it hasn't "handled such data" and that GSR (Global Science Research, the research company that obtained data for CA) did not share any private messages with it or SCL Elections.

A Facebook spokesperson reached out and told us:

"In 2014, Facebook's platform policy allowed developers to request mailbox permissions but only if the person explicitly gave consent for this to happen. At the time when people provided access to their mailboxes -- when Facebook messages were more of an inbox and less of a real-time messaging service - this enabled things like desktop apps that combined Facebook messages with messages from other services like SMS so that a person could access their messages all in one place. According to our records only a very small number of people explicitly opted into sharing this information. The feature was turned off in 2015."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
443 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's 2019 Back-to-School Guide

Engadget's 2019 Back-to-School Guide

View
Apple warns against storing its titanium credit card in leather

Apple warns against storing its titanium credit card in leather

View
Google's next Nest Mini speaker could be wall-mountable

Google's next Nest Mini speaker could be wall-mountable

View
Microsoft tests more control for apps that restart with Windows 10

Microsoft tests more control for apps that restart with Windows 10

View
Terminator T-800 and The Joker are coming to 'Mortal Kombat 11'

Terminator T-800 and The Joker are coming to 'Mortal Kombat 11'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr