Plus Android Q Beta 2 hits Pixel devices, Verizon flips the switch on its 5G Network in a couple of new cities, and Apple announces the Beats Powerbeats Pro to compete with its own AirPods. Wait, what?
540 Million Facebook User Records, Passwords, Comments, and More Leaked
The biggest story to hit the scene over the last day was undoubtedly another Facebook leak. This time, sensitive data like passwords was part of the leak, but also Facebook IDs, comments, reactions, account names, and more.
This leak came by way of third-party app developers being careless with user data and storing it on an unsecured Amazon S3 server. Specifically, two services were found to be responsible for this data leak: a Mexican-based media company called Cultura Colectiva and an application with Facebook integration called At the Pool.
The former was responsible for the majority of the damage here, with 146GB of data for nearly 540 million users. At the Pool, by contrast, was only responsible for about 22,000 passwords, though they were specific to the app. As the research company responsible for these findings, UpGuard, notes, At the Pool is only an issue for users who re-use passwords across various sites.
The good news here is that the data buckets have since been removed from Amazon servers; the issue, however, is that it’s unclear how much exposure they garnered before being pulled. In a statement to Gizmodo, Facebook notes that it’s against its policy to store information on public databases, and it worked with Amazon to pull this data once it was made aware of the issue. Here’s the full statement for those interested:
Facebook’s policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people’s data.
The biggest issue here for Facebook users, however, is that the data was leaked in the first place. Once that happens, it doesn’t go away—if your data was part of this particular breach, then it’s out there now. Facebook can’t control it. As UpGuard so accurately pointed out “the data genie cannot be put back in the bottle.”
The upside is that if you’ve never used either of the services in question, then you’re safe. If you have, however, then it’s probably cause for concern.
Post a Comment Blogger Facebook
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. As the comments are written and submitted by visitors of The Sheen Blog, they in no way represent the opinion of The Sheen Blog. Let's work together to keep the conversation civil.