On Wednesday the cybersecurity firm, UpGuard revealed that they had discovered publicly available data sets that exposed hundreds of millions of Facebook user records.
UpGuard found that the records originated from “Cultura Colectiva”, a media company in Mexico. The 146 gigabytes contained multiple sects of Facebook user records including comments, likes, reactions, Facebook id’s and account names.
The team also found a second database linked to an integrated Facebook app. The data set named “At the Pool”, contained different and more sensitive information. This includes, user id, users, friends, likes, music, movies, books, photos, events, groups, interests and even passwords.
The passwords are presumably for the “At the Pool” app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts.
The security firm found both sets of data in unsecure Amazon s3buckets. This means anyone could easily access them as long as they knew where they were. Fortunately, they are no longer online.
The “At the Pool” discovery is the smaller of the two sets but it still holds over 22,000 records of plain text unprotected passwords. Ironically, is that it follows Facebook’s efforts to limit access to third party applications. UpGuard added their own rhetoric on the ironic circumstance.
“But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users has been spread far beyond the bounds of what Facebook can control today. Combine that plenitude of personal data with storage technologies that are often misconfigured for public access, and the result is a long tail of data about Facebook users that continues to leak.”
The data sets don’t coincide on their update times nor their data points. They do, however, share a lot of the same information on users “describing their interests, relationships, and interactions, that were available to third party developers.”
What This Could Mean For the Digital You
Any time you place your information online you are placing it at risk.
So what can you do outside of stopping your involvement with online services? For starters, make sure you are following our blog so you stay up-to-date on what is happening in all areas involving the Digital You.
Remember, that even when you take precautions, your information could still end up in marketplaces on the Dark Web.
With ScoresMatter, you can scan the Dark Web and see if criminals are trading or selling your personal details. You can also learn what you can do if we do find your information on the Dark Web.
Protect the digital you at ScoresMatter today.