Millions of Facebook user data exposed on Amazon cloud server

Adjust Comment Print

In September 2017 for example it found the CVs of thousands of former U.S. military personnel, including hundreds with "Top Secret" security clearances, were left available on an Amazon S3 cloud storage repository.

Any organisation that shares data should be reviewing their API's to ensure controls are in place to limit sensitive data and regular audits be done on the third parties to ensure compliance to privacy regulations and IT security standards. Moreover, UpGuard researchers claim that these are only two of the databases that they have reported about and the extent of data exposure could be far more extensive since about 100,000 databases are hosted by Amazon.

The datais not stored by Facebook itself, but by two app developers who left it online, potentially exposing Facebook users to hackers, say Upguard security researchers who uncovered the two data hoards.

The majority of records - around 540 million users' data - was compromised by Cultura Cultive - a digital media company, based on Mexico. This same type of collection, in similarly concentrated form, has been cause for concern in the recent past, given the potential uses of such data.

Facebook has announced that it has removed all of the data that was lying exposed on Amazon servers.

A U.S. cybersecurity company said Wednesday that records of millions of Facebook users stored on Amazon's cloud servers were exposed to the public.

Unexpected rise in USA oil stockpiles steals the wind from Opec's sails
The API this week reported a draw in gasoline inventories for week ending March 29 in the amount of 2.6 million barrels. The next data to watch will be the official Energy Information Administration figures due at 1430 GMT Wednesday.

Beats Unveils Powerbeats Pro Truly Wireless Earbuds Powered by Apple H1 Chip
As to what kind of seal the Powerbeats Pro have, we'll just have to wait until we can actually get our hands on them to find out. Earlier, official Chinese third-party Apple sellers such as Alibaba's BABA Tmall and JD.com JD lowered prices for Apple devices.

The best deals you can score on National Burrito Day
Del Taco: Dowload the Del Taco Del app for a free half-pound Bean & Cheese Burrito with a minimum $5 purchase. Just show the cashier that you're following @dostoros , and you'll be swimming in the avo'.

It was not until the morning of 3 April after Facebook was contacted by Bloomberg for comment, that the database backup, inside an AWS S3 storage bucket titled "cc-datalake", was finally secured. When we receive an abuse report concerning content that is not clearly illegal or otherwise prohibited, we notify the customer in question and ask that they take appropriate action, which is what happened here.

After a series of inadvertent exposures of information stored on AWS's Simple Storage Service in recent years, the company made it more hard for its customers to make data public facing in the first place, peppering the service with warning notices when something is exposed, and giving administrators easier options to shut down open databases.

UpGuard found a batch of scratched Facebook profiles including 48 million records in 2018 from LocalBlox, a data firm that scrapes data from social media profiles.

Interestingly, in the case of the application At the Pool, the company responsible for the application sessions functions in 2014, while still making all this information accessible to anyone. According to UpGuard, the passwords are presumably for the "At the Pool" app rather than for the user's Facebook account, but would put users at risk who have reused the same password across accounts.

While Facebook has recently made announcements that they will take a privacy-first approach to user data, this seems to be more a response to avoiding Government oversight than genuine care for their users.

Security researchers have discovered hundreds of millions of Facebook user records sitting on an incidentally public storage server.

Comments