Facebook suffered a massive data breach that revealed tens of thousands of passwords and other sensitive information. But hey that's old news.
Facebook suffered a massive data breach that revealed tens of thousands of passwords and other sensitive information. But hey that’s old news. The largest social media has been making it to the headlines for all the wrong reasons in recent years. To be honest, we stopped counting the times Facebook screwed up in protecting users’ data.
In 2019 alone, this is the third time (or it isn’t?) Marky (aka Data Seller) Zuckerberg messed up big time. So just to be safe, we advise you to reset your passwords again.
So what did exactly happen? Cybersecurity researchers uncovered some unsettling findings regarding the ways in which Facebook treats its data records. The company has been storing everything from comments and likes to names and passwords in publicly-accessible Amazon cloud servers. Passwords were even stores in plain text. Yeah, this is rather unexpected from a company claiming to be a technology giant. And please please do not assume that the bad guys didn’t know about these public servers.
Upguard published their findings earlier today and oh boy, it is just painful to see Facebook never learns.
“One [dataset], originating from the Mexico-based media company Cultura Colectiva, weighs in at 146 gigabytes and contains over 540 million records detailing comments, likes, reactions, account names, FB IDs and more. […] A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public internet via an Amazon S3 bucket. […] The At the Pool discovery is not as large as the Cultura Colectiva dataset, but it contains plaintext (i.e. unprotected) passwords for 22,000 users.”
Once contacted, the social media behemoth immediately took down the two datasets but yet it is disturbing to see how bad Facebook is at implementing basic security features. In an interview with TNW a representative of facebook said:
“Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people’s data.”
After the infamous Cambridge Analytica scandal, Facebook released a statement in which it promised not to share private data with third-party app providers. Too late Mark, too late my boy.