Facebook user records exposed on Amazon cloud servers

Posted April 06, 2019

The data set reportedly contains over 146 GB of data, which amounts to over 540 million Facebook user records, including comments, likes, reactions, account names, Facebook user IDs, and more.

Researchers from UpGuard have found that troves of Facebook user information have been inadvertently posted publicly on Amazon cloud servers, which was shared by Facebook to its third-party partners. The UpGuard Cyber Risk security organisation has found one database belonging to a Mexico-based media company Cultura Colectiva, and one belonging to the now defunct app At The Pool.

"Facebook is giving third-party app developers access to user data", Deraison said. "The data exposed in each of these sets would not exist without Facebook, yet these data sets are no longer under Facebook's control".

The latest reports of user passwords exposed in plaintext on public servers by Facebook is lamentable, but all too common event in the technology industry.

No-deal Brexit a very real possibility, warns Ireland's deputy premier
Mr Coveney made the comments as efforts intensify to find a way through the Brexit impasse with the April 12 deadline looming. He said "reasonable questions" are being asked about the protection of the single market and the customs union.

It's just been a year since the Cambridge Analytics scandal made headlines the world in which Facebook failed to secure its users' information. Facebook promised better safeguards, saying open storage violates its policies. Although that exposed the details of only 22,000 Facebook users, the exposed data also included plain-text passwords. In recent years, information stored on several cloud services - USA military data, personal information of newspaper subscribers and cell phone users - has been inadvertently shared publicly online and discovered by security researchers.

While the datasets came from third parties, the discovery will still shine a light on how Facebook allows these firms to access user data and the way it is stored.

The app known as "At the Pool" stopped operating in 2014, yet their the database was still publicly available.

When the data breach was first discovered in January, UpGuard said that it had informed Cultura Colectiva and Amazon Web Services. It was unclear whether Cultura Colectiva accessed this data before 2015 or afterward, when Facebook put in place more stringent restrictions on developers.

Erdogan loses key cities as Turkey feels the sting of recession
In Istanbul , the CHP was almost 28,000 votes ahead as the last votes were being counted. Meanwhile, the race in Turkey's largest city, Istanbul , remained too close to call.

There are other similarities when taking into account the two Facebook user data sets leaked by misconfigured Amazon S3 buckets beside the number of users who got their sensitive personal info exposed, like the fact that they are both describing the users' "interests, relationships, and interactions, that were available to third-party developers".

Allegedly, Facebook wasn't aware of this until a Bloomberg representative notified the tech giant about the data breach earlier this week, according to TechCrunch.

At The Pool did not respond to a request for comment. The data was not tokenized or secured to make it unreadable by public probing.

Former WWE executive Linda McMahon taps out as Trump's small business administrator
Prior to joining the Trump administration , McMahon, who unsuccessfully waged a Republican bid for a CT U.S. Senate seat in 2012, advised global businesses as part of APCO Worldwide's International Advisory Council.