Latest in Gear

Image credit:

Third-party errors left over 540 million Facebook records exposed

Data sharing is only as secure as the weakest link in the chain.
Jon Fingas, @jonfingas
April 3, 2019
Share
Tweet
Share

Sponsored Links

Johannes Berg/Bloomberg via Getty Images

Facebook is embroiled in another privacy scandal, although this time it's not of the company's direct making. UpGuard researchers have discovered over 540 million Facebook interaction records left exposed by third parties using Amazon's cloud services. Nearly all of them come from Mexican media company Cultura Colectiva, which recorded account names, comments, Facebook IDs and likes, among other details. Another exposure comes from At the Pool, a long-defunct app that left 22,000 passwords unprotected in addition to other sensitive details.

UpGuard didn't have much success getting Amazon to take down the content. It first emailed Cultura Colectiva on January 10th, and Amazon on January 28th. Cultura's data trove wasn't taken down until April 3rd, when Bloomberg reached out to Facebook for a comment. At the Pool's data vanished before a notification email could be sent.

In its response, Facebook said that the company's policies prevented storing data in public databases, and that it worked with Amazon to remove the material.

There's only so much Facebook could have done to keep a lid on the data without storing it internally, and that might have been tricky when Cultura had 146GB of records by itself. However, this does underscore a growing problem for Facebook and other data-centric tech companies: user information is only as secure as the least secure part of the chain. And in some cases, those partners make basic mistakes like leaving data publicly accessible. You might not see improvements on this front until every company is just as diligent at locking down data, not just the original providers.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Moog app brings the classic Model 15 modular synth to the Mac

Moog app brings the classic Model 15 modular synth to the Mac

View
'Hitman 3' players run into launch day server problems

'Hitman 3' players run into launch day server problems

View
New White House website includes a hidden recruitment message for coders | Engadget

New White House website includes a hidden recruitment message for coders | Engadget

View
Samsung Display to make 90Hz OLED screens for laptops

Samsung Display to make 90Hz OLED screens for laptops

View
Mercedes-Benz' EQA crossover is its first sub-$50,000 EV

Mercedes-Benz' EQA crossover is its first sub-$50,000 EV

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr