Facebook's security problems are unstoppable.
Cybersecurity firm UpGuard just reported the existence of 540 million records, including Facebook users’ account names, identification numbers and social activity. The records were being openly stored in Amazon’s cloud computing service by a Mexico City-based digital media firm named Cultura Colectiva.
UpGuard also found a smaller cache of records belonging to a second third-party developed Facebook app At the Pool. Those records belonged to about 22,000 Facebook users, according the firm.
“Each of the data sets was stored in its own Amazon S3 bucket configured to allow public download of files,” UpGuard reports. Among other open questions, UpGuard could not say how long the records have been available.
It is no secret that Facebook openly shared user information with app developers for years, more recently reining in the practice.
Yet, as UpGuard notes, Facebook’s long-held data-sharing policy is likely to haunt the company for years.
“As these exposures show, the data genie cannot be put back in the bottle,” it writes. “Data about Facebook users has been spread far beyond the bounds of what Facebook can control today.”
“Combine that plenitude of personal data with storage technologies that are often misconfigured for public access, and the result is a long tail of data about Facebook users that continues to leak,” UpGuard adds.
Since first being rocked by the Cambridge Analytica controversy last year, Facebook has suffered a series of privacy mishaps.
Most recently, Facebook said the passwords of hundreds of millions of users might have been exposed to its own employees.