massive facebook data leak

Facebook has once again hit rock bottom as another 540 million records were recently discovered on unsafe Amazon cloud servers in two batches.

Reportedly, the records were stored on an unprotected server, the data-monitoring firm UpGuard came across this information according to their blog.


However, what is interesting in this whole scenario is that Facebook was not the one to share these records on the servers. They were uploaded by third-party companies which violated the social media platform’s policies about sharing user-information publically.

As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third-party access. But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users has been spread far beyond the bounds of what Facebook can control today. – UpGuard Blog Read

WhatsApp Group Block Prevents Random People Adding Users to Unwanted Groups

The 540 million records are not all user data, it was collected by a Mexican digital-media firm called Cultura Colectiva, which has a nice-looking, photo-heavy website in both Spanish and English devoted to everything and anything Latin American, as well as lots of pop culture, according to Tom’s Guide.

Cultura Colectiva urges users to share its stories on different platforms such as Facebook, Pinterest, Twitter, and even WhatsApp.  Anyone who wants to comment has to log into Facebook and stay logged in.

The records can be an aggregate of all the “comments, likes, reactions, account names, Facebook IDs and more,” as UpGuard described it. It may even store any and every comment ever posted on the platform.

Facebook Opens its First Innovation Lab In Pakistan!

According to UpGuard, the records do not contain any Facebook passwords or does not offer any insiders or pathway to Facebook accounts, however, it is a mine for those who are looking for other user data.

The second set of data was collected by At the Pool, a failed social-media startup aimed at ‘pooling’ people with common interests who happen to be close to one another geographically. At the Pool required Facebook authentication, similar to Tinder.

The set contained data about approximately  22,000 Facebook users including their Facebook user ID, likes, friends, photos, groups, and interests. Plaintext passwords were included, but they weren’t Facebook passwords.

The passwords are presumably for the ‘At the Pool’ app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts,-UpGuard blog post notes

The data exposed in each of these sets would not exist without Facebook, yet these data sets are no longer under Facebook’s control – the UpGuard post says in conclusion

“The Facebook platform facilitated the collection of data about individuals and its transfer to third parties,” it adds. “The responsibility for securing [Facebook user data] lies with millions of app developers who have built on its platform.”

This information just may be the tip of the iceberg with more waiting to be uncovered.

Stay tuned to Brandsynario for more news and updates.

Netflix Price Increases Once AGAIN!