Millions of Facebook Records Exposed on Amazon Cloud Servers

MacRumors

macrumors bot
Original poster
Apr 12, 2001
46,727
8,945



Millions of Facebook records were found on publicly accessible Amazon's cloud servers by researchers at UpGuard, a cybersecurity firm, reports Bloomberg. The data was uploaded by third-party companies that work with Facebook.

Mexico City-based media company Cultura Colectiva, for example, was storing 540 million records on Facebook users on Amazon's servers, offering up information that included identification numbers, comments, reactions, and account names.


A now-defunct app called At the Pool shared sensitive data like names and email addresses for 22,000 Facebook users.

Facebook did not leak this data, but it did provide the data to the third-party companies that went on to improperly store it with no oversight from Facebook. For years, Facebook provided extensive customer information to advertisers and partners, and while the company has since cracked down on the amount of data it shares, the previously obtained information is still widely available.
"The public doesn't realize yet that these high-level systems administrators and developers, the people that are custodians of this data, they are being either risky or lazy or cutting corners," said Chris Vickery, director of cyber risk research at UpGuard. "Not enough care is being put into the security side of big data."
Facebook's prior data sharing habits allowed any app on the site to obtain information from the people using the app and their friends in many cases, which led to the scandal that saw Cambridge Analytica illicitly using personal data acquired from Facebook to create targeted political advertisements in the 2016 election.

Facebook has since modified its privacy policies and has cut down on the access that apps have. Facebook has also suspended hundreds of apps and began audits to make sure data isn't being mishandled.

In response to the public Facebook data found by UpGuard, a Facebook spokesperson told Bloomberg that its policies prohibit the storing of Facebook information in a public database, though there is apparently little oversight from Facebook. Facebook did work with Amazon to take down the databases that were sharing data publicly after UpGuard's discovery.

Article Link: Millions of Facebook Records Exposed on Amazon Cloud Servers
 

JustinM80

Suspended
Feb 16, 2019
37
31
I found myself all over the internet right after the election. I had to place fraud alerts on my credit report and I had to go to court because some scammer racked up $40k in credit cards that I never even applied for. Crap like this happens all the time and there’s little a person can do about it.
 

jsmith189

macrumors 68000
Jan 12, 2014
1,562
2,853
I use Facebook with a complete understanding that any and everything on there is being sold and likely improperly used. Instagram too. That's why I don't link credit cards and FB has its own individual password. Having said that, I know apps share their data too, so FB probably have it all anyway.

Zuck is the literal devil.
 

ChrisMoBro

macrumors 6502
Oct 31, 2016
486
1,934
I found myself all over the internet right after the election. I had to place fraud alerts on my credit report and I had to go to court because some scammer racked up $40k in credit cards that I never even applied for. Crap like this happens all the time and there’s little a person can do about it.
Bloody hell, that’s awful! Hope it’s all sorted now.
 
  • Like
Reactions: thewhitehart

talisto

macrumors newbie
Jun 26, 2007
15
12
I have no huge love for Facebook, but this article title is blatantly false. Facebook didn't expose millions of records on Amazon's cloud servers, one of their 3rd party partners did, and the article states that in the first line, so why is the title "Facebook Exposes Millions of Records on Amazon Cloud Servers"??

The article also craps on Facebook saying there's "apparently little oversight from Facebook", as if to imply that they'd somehow be able to stop these 3rd parties from mismanaging their data, but how could they possibly know what and where their data is being stored once it leaves their APIs? The company violated Facebook's T&C's, I'm not sure how they'd have the authority or ability to "audit" that.

EDIT: CNN's title for the same article is "Hundreds of millions of Facebook records exposed on Amazon cloud servers". That seems much more appropriate?
 
Last edited:

cmaier

Suspended
Jul 25, 2007
14,486
9,156
California
And they do that with my Facebook login and password how? Did i miss the screen where i input my SS# into Facebook's database?
This is app data. If you have participate in memes you have likely given up information like birthdate’s, answers to common financial website security questions (“your porn name is your first pets name combines with the street you grew up on”), etc.
 
  • Like
Reactions: chfilm and D.T.

tbayrgs

macrumors 604
Jul 5, 2009
6,553
3,480
Completely deleting my accounts from all Facebook properties over the past 12 months is easily the best tech move I've made recently. Right behind that kicking Amazon to the curb and starting my move away from Apple's ecosystem.
 
Last edited:

keifer123

macrumors newbie
Oct 7, 2013
28
42
Canada
I don't know if deleting your account from Facebook will help you not become a victim. I read it somewhere that Facebook retains your information on their servers.

Completely deleting my accounts from all Facebook properties over the past 12 months is easily the best tech move I've made recently. Right behind that is starting my move away from Apple's ecosystem.
 
  • Like
Reactions: Kris28

tbayrgs

macrumors 604
Jul 5, 2009
6,553
3,480
I don't know if deleting your account from Facebook will help you not become a victim. I read it somewhere that Facebook retains your information on their servers.
Well then that's one more thing they're lying about doing...

Point is that I'm not giving them any additional opportunities to violate my privacy.
 

ozarkcanoer

macrumors newbie
Sep 21, 2012
27
26



Millions of Facebook records were found on publicly accessible Amazon's cloud servers by researchers at UpGuard, a cybersecurity firm, reports Bloomberg. The data was uploaded by third-party companies that work with Facebook.

Mexico City-based media company Cultura Colectiva, for example, was storing 540 million records on Facebook users on Amazon's servers, offering up information that included identification numbers, comments, reactions, and account names.


A now-defunct app called At the Pool shared names, passwords, and email addresses for 22,000 Facebook users.

Facebook did not leak this data, but it did provide the data to the third-party companies that went on to improperly store it with no oversight from Facebook. For years, Facebook provided extensive customer information to advertisers and partners, and while the company has since cracked down on the amount of data it shares, the previously obtained information is still widely available.Facebook's prior data sharing habits allowed any app on the site to obtain information from the people using the app and their friends in many cases, which led to the scandal that saw Cambridge Analytica illicitly using personal data acquired from Facebook to create targeted political advertisements in the 2016 election.

Facebook has since modified its privacy policies and has cut down on the access that apps have. Facebook has also suspended hundreds of apps and began audits to make sure data isn't being mishandled.

In response to the public Facebook data found by UpGuard, a Facebook spokesperson told Bloomberg that its policies prohibit the storing of Facebook information in a public database, though there is apparently little oversight from Facebook. Facebook did work with Amazon to take down the databases that were sharing data publicly after UpGuard's discovery.

Article Link: Facebook Exposes Millions of Records on Amazon Cloud Servers
We are Facebook's product. It's behavior is what we should expect. So keep information you put on and save to Facebook to the minimum. Your photos, activities, likes, dislikes may (will?) become known to bad actors.
 
  • Like
Reactions: eltoslightfoot