Facebook's security
problems are unstoppable.
Cybersecurity firm UpGuard just reported the existence of 540
million records, including Facebook users’ account names, identification numbers and social activity. The records were being openly stored in Amazon’s cloud computing service by a Mexico
City-based digital media firm named Cultura Colectiva.
UpGuard also found a smaller cache of records belonging to a second third-party developed Facebook app At the Pool. Those records
belonged to about 22,000 Facebook users, according the firm.
“Each of the data sets was stored in its own Amazon S3 bucket configured to allow public download of files,” UpGuard
reports. Among other open questions, UpGuard could not say how long the records have been available.
It is no secret that Facebook openly shared user information with app developers for years,
more recently reining in the practice.
Yet, as UpGuard notes, Facebook’s long-held data-sharing policy is likely to haunt the company for years.
“As these exposures show,
the data genie cannot be put back in the bottle,” it writes. “Data about Facebook users has been spread far beyond the bounds of what Facebook can control today.”
“Combine that plenitude of personal data with storage technologies that are often misconfigured for public access, and the result is a long tail of data about Facebook users that continues to
leak,” UpGuard adds.
Since first being rocked by the Cambridge Analytica controversy last year, Facebook has suffered a series of privacy mishaps.
Most recently, Facebook said the passwords of
hundreds of millions of users might have been exposed to its own employees.