Millions of Facebook Records Found on Amazon Cloud Servers
Researchers at UpGuard, a cybersecurity firm, found troves of Facebook user information hiding in plain sight, inadvertently posted publicly on Amazon.com Inc.’s cloud computing servers. The discovery shows that a year after the Cambridge Analytica scandal exposed how unsecure and widely disseminated Facebook users’ information is online, companies that control that information at every step still haven’t done enough to seal up private data, Bloomberg News reports.
In one instance, Mexico City-based media company Cultura Colectiva openly stored 540 million records on Facebook users, including identification numbers, comments, reactions and account names. That database was closed on Wednesday after Bloomberg alerted Facebook to the problem and Facebook contacted Amazon. Facebook shares pared their gains after the Bloomberg News report.
Another database for a long-defunct app called At the Pool listed names, passwords and email addresses for 22,000 people. UpGuard doesn’t know how long they were exposed, as the database became inaccessible while the company was looking into it.
We pick up the story from ZeroHedge. TLB ed.
Zuck’d Again: Millions Of Facebook Records Found On Amazon Cloud Servers.
Facebook shares tumbled into the red after Bloomberg reported that user data is still showing up in places it shouldn’t.
As Bloomberg reports, researchers at UpGuard, a cybersecurity firm, found troves of user information hiding in plain sight, inadvertently posted publicly on Amazon.com’s cloud computing servers.
The discovery shows that a year after the Cambridge Analytica scandal exposed how unsecure and widely disseminated Facebook users’ information is online, companies that control that information at every step still haven’t done enough to seal up private data.
Coming just days after Zuckerberg urged the government to take over regulating his responsibilities and remove his accountabilities, Bloomberg notes that in one instance, Mexico City-based media company Cultura Colectiva openly stored 540 million records on Facebook users, including identification numbers, comments, reactions and account names.
The problem of accidental public storage could be more extensive than those two instances. UpGuard found 100,000 open Amazon-hosted databases for various types of data, some of which it expects aren’t supposed to be public.
“The public doesn’t realize yet that these high-level systems administrators and developers, the people that are custodians of this data, they are being either risky or lazy or cutting corners,” said Chris Vickery, director of cyber risk research at UpGuard.
“Not enough care is being put into the security side of big data.”
Notably, the UpGuard page that Bloomberg is referencing is now ‘404’…
A Facebook spokesperson said that the company’s policies prohibit storing Facebook information in a public database. Once it was alerted to the issue, Facebook worked with Amazon to take down the databases, the spokesperson said, adding that Facebook is committed to working with the developers on its platform to protect people’s data.
Bloomberg points out that this latest example shows how the data security issues can be amplified by another trend: the transition many companies have made from running operations predominantly in their own data centers to cloud-computing services operated by Amazon, Microsoft, Alphabet’s Google, and others.
[Pictorial content added by TLB]
The Liberty Beacon Project is now expanding at a near exponential rate, and for this we are grateful and excited! But we must also be practical. For 7 years we have not asked for any donations, and have built this project with our own funds as we grew. We are now experiencing ever increasing growing pains due to the large number of websites and projects we represent. So we have just installed donation buttons on our websites and ask that you consider this when you visit them. Nothing is too small. We thank you for all your support and your considerations … (TLB)
Comment Policy: As a privately owned web site, we reserve the right to remove comments that contain spam, advertising, vulgarity, threats of violence, racism, or personal/abusive attacks on other users. This also applies to trolling, the use of more than one alias, or just intentional mischief. Enforcement of this policy is at the discretion of this websites administrators. Repeat offenders may be blocked or permanently banned without prior warning.
Disclaimer: The Liberty Beacon contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to our readers under the provisions of “fair use” in an effort to advance a better understanding of political, health, economic and social issues. The material on this site is distributed without profit to those who have expressed a prior interest in receiving it for research and educational purposes. If you wish to use copyrighted material for purposes other than “fair use” you must request permission from the copyright owner.
Follow TLB on Twitter @thetlbproject