Facebook user records found exposed on Amazon cloud service
- Author: Anthony Vega Apr 06, 2019,
Apr 06, 2019, 0:45
The data, which is a total of 146 gigabytes in size belonged to Mexico-based media company Cultura Colectiva, the report adds. "Once alerted to the issue, we worked with Amazon to take down the databases".
Cultura Colectiva spokesman Daniel Peralta said in a statement that all the data provided to the company by Facebook was gathered from the fan pages the company manages as a publisher, which is "public, not sensitive, and available to all users who have access to Facebook".
How much data do these buckets contain?
Amazon did not immediately respond to requests for comment.
The data from At the Pool went offline before UpGuard reached out about it.
At the heart of the matter are two third-party app datasets stored on Amazon S3 buckets containing reams of Facebook users' info. But as these exposures show, the data genie can not be put back in the bottle, ' the company explains. "Data about Facebook users has been spread far beyond the bounds of what Facebook can control today".
Well, it's hard to say. In addition, you lose nothing in changing the password on a regular basis. As UpGuard says, the data genie can not be put back in the bottle.
According to UpGuard, all information found was collected by two applications, Collective Culture and At the Pool.
"The data exposed in each of these sets would not exist without Facebook, yet these data sets are no longer under Facebook's control", the UpGuard post says in conclusion.
Then in November 2017 UpGuard found "critical data" belonging to the USA army on virtual image of hard disk left on an AWS server, without password protection.
The exposure of Facebook's data also illustrated a hard reality: Once accessed or obtained, personal data can live forever.
The incident puts Facebook in a particularly bad position.
UpGuard argues that, while the two third-party developers are responsible for the breaches themselves, Facebook can not escape blame.
But when the researchers checked again on 21 February they discovered the data was still not secured, and an email was to Amazon Web Services.
Another day, another Facebook privacy scandal.