Yet another Facebook Data Breach

Millions of data on Facebook which includes account names and plaintext passwords have been found to be have been in two separate publicly exposed app databases.

The very first publicly-exposed dataset has its origin from a media firm, Cultura Colectiva which has its base in Mexico. This dataset contains around 540 million records which include account names, likes, comments, reactions and more. The very next publicly-exposed dataset is a Facebook-integrated app titled ‘At the Pool’. This dataset has exposed plaintext Facebook passwords of nearly 22,000 users. Both these exposed databases have been secured according to the researchers. In the case of the exposed At the Pool database backup, researchers found out that a plain text had Facebook passwords of nearly 22,000 users which were exposed on public internet through an Amazon S3 bucket. The database was also exposing data such as account names, user ID’s, user’s “friends” on Facebook, interests, likes and photos.

Researchers said,

“The passwords are presumably for the ‘At the Pool’ app rather than for the user’s Facebook account but would put users at risk who have reused the same password across accounts. This should offer little consolation to the app’s end users whose names, passwords, email addresses, Facebook IDs, and other details were openly exposed for an unknown period of time.”

Researchers informed Facebook regarding the Cultura Colectiva data on 10th January this year but there was no response according to the researchers. “It was not until the morning of April 3rd, 2019, after Facebook was contacted by Bloomberg for comment, that the database backup, inside an AWS S3 storage bucket titled “cc-datalake,” was finally secured,” researchers said. This incident has happened after a couple of weeks when millions of Facebook user passwords were found stored in plain text for years which was discovered in March this year.

Researchers confirmed,

“As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third-party access. But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users have been spread far beyond the bounds of what Facebook can control today. Combine that plenitude of personal data with storage technologies that are often misconfigured for public access, and the result is a long tail of data about Facebook users that continues to leak.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Single Column Posts

Single Column Posts Subtitle

South America bucks up in the Crypto and Blockchain field

The Central Bank of Brazil (BCB) has recently announced the launch of its second edition of the Laboratory of Financial...

Blockchain is supposedly Bigger than The Gutenberg Press And The Internet

The CEO of Overstock, Mr. Patrick Byrne has been a well-known and extremely knowledgeable crypto enthusiast, who has well in...

Blockchain ETF Launches on the London Stock Exchange

Investment management firm Invesco has launched a blockchain exchange-traded fund (ETF) on the London Stock Exchange last week. Invesco has...

Paxos is all about to be showered in gold

The blockchain firm, Paxos will be launching its digital token which will be backed by the precious metal, gold. During an...

Regulators Are Calling 2019 the “Year of the Blockchain”

Regulators have eased regulations regarding blockchain technology as most of them feel that it might harm the development of the...