Researchers Reveal Facebook users’ Information Left Exposed
Facebook recently faced privacy and security mishap following the leakage of users’ records to the public. Some of the information that got leaked includes comments and likes by the users and the names of users. Researchers said it was as a result of leakage by a third party company that uses cloud computing server owned by Amazon. UpGuard, a security firm disclosed the ordeal about an app developer who misused Facebook records such as user’s passwords.
According to Facebook, it is a violation of its policies by app developers to store information in a public database. It poses a risk to personal data left exposed to the public and developers. Facebook made it known to the people that they are working with app developers to secure people’s records. They are developing measures to restrict developers from accessing Facebook user’s information.
However, the fact that developers and the public can access users’ records is a contradiction to Facebook’s efforts to secure personal information. Previously, Cambridge Analytica, a political consultancy firm had admitted to accessing personal information from over 87 million Facebook users. They had used an app to access the information. It is after this revelation that UpGuard revealed that database of Facebook was not secure and developers could download users’ information. Researchers also made it clear that after accessing personal information, it can be stored forever by the person who obtained it.
Greg Pollock, UpGuard’s vice president, raised questions about Facebook’s ability to make things right and its ability to manage data that has already been leaked out. One of the organizations that were majorly affected by the leakage is Cultura Colectiva, a media company in Mexico which had stored records of its users in Amazon’s public server. Some of the information that was left accessible to the public includes people’s photos, music, locations, and likes. Pollock had notified the company that its records were accessible by the public, but he did not receive any response.
The other Facebook’s records leakage happened when At The Pool, a third party whose data leaked. It had stored its data such as names, emails, and passwords on Amazon’s servers. Data was exposed to the public and app developers before the company ended its operations in 2014. UpGuard further stated that Facebook users who used the same password on various sites were faced with a higher risk of exposure of personal information. When asked to comment about the ordeal, At The Pool did not respond to the request.
Daniel Peralta, Cultura Colectiva’s spokesman, said that Facebook gave the company records retrieved from pages that the company manages. Those records are available to all Facebook users, and there is no sensitive data. UpGuard also revealed that more than 540 million records belonging to Cultura Colectiva such as users’ comments, likes, and reactions leaked. However, users’ sensitive information such as passwords and emails were not among the leaked information. However, he did not give details to when the company acquired the records and why the company had passwords. The company further stated that they understand the importance of security of users’ information and hence they have put in place measures to protect records from users’ fan pages.
Bloomberg was the first to launch complaints about misappropriation of the users’ privacy leading to many investigations in the world. The company also led to the revelation that Facebook stores its users’ passwords in plain texts. It has prompted Mark Zuckerberg, Facebook’s Chief Executive Officer to thinking on ways of improving how users interact on Facebook and how to keep data more safely. He is supporting new measures put in place directed at controlling how technology websites access users’ personal information. He also added that new rules should be set to control how the internet is used.
Earlier before 2015, Facebook has put in place strict measures that prevented the leakage of personal information to other parties. It was until the Cambridge Analytica academic developer abused the rights that had been granted to him by Facebook. It is not clear whether Cultura Colectiva acquired people’s private information before 2015 or afterward. However, after the leakage that happened in 2018, Facebook has put in place more strict measures that restrict developers from accessing personal information. Due to the high demand for data by the public and other parties, it poses a significant risk since companies can sell such information and make huge incomes. It would be detrimental because much of people’s details would be in the public domain. Facebook is now reviewing all third-party apps to ensure that private information is safe and secure.