Few weeks ago, Facebook was in the news for storing user passwords in plain text. This data were searchable and could be accessed by Facebook employees. This time, the privacy scandal has the data of over half a billion Facebook users exposed on an Amazon server that could be accessed by anyone.
According to tech security firm UpGuard, the private data of about 540 million Facebook users was left exposed on Amazon Web Services S3 buckets. The exposed data includes account names, comments, I.D numbers and account numbers. In some cases, some names, email addresses and passwords too were exposed.
Also Read: WhatsApp Co-founder Urges People To Delete Facebook
Unlike past security breaches, this particular one didn't have to do with Facebook's negligence but two third parties app dataset. The data leak came from a Mexico based news site called Cultura Colectiva and an app called At the Pool.
Cultura Colectiva noted in a statement:
"Neither sensitive nor private data, like emails or passwords, were amongst those because we do not have access to that kind of data, so we did not put our user's privacy and security at risk. We are aware of the potential uses of data in current times, so we have reinforced our security measures to protect the data and privacy of our Facebook fanpages' users"
Though Facebook said that it has worked with Amazon to remove the data, UpGuard noted that while the data from Cultura Colectiva was about 146GB in size, the passwords exposed by At the Pool is for the At the Pool app but could also place Facebook users who use the same password at risk.
"The At the Pool discovery is not as alarge as the Cultura Colectiva dataset, but it contains plaintext (i.e. unprotected) passwords or 22,000 users," UpGuard said. "At the Pool operation in 2014, and even the parent company's website is currently returning a 404 error notice. This should offer little consolation to the app's end users whose names, passwords, email addresses, Facebook IDs, and other details were openly exposed for the unknown period of time."