Categories
Amazon Apple Microsoft News privacy security Uncategorized

New Facebook security breach find millions of user records left on unencrypted Amazon servers

Adding to Facebook’s being unable to catch a break, security researchers have uncovered multiple instances of the company’s user data being exposed publicly on Amazon’s cloud servers.

It’s currently unknown as to which company is at fault, but in one example, one Mexican business, Cultura Colectiva, was found to be openly storing 540 million Facebook records including ID numbers, comments, reactions, and account names, according to security firm UpGuard. The database was shuttered on Wednesday, but only after Bloomberg contacted Facebook, which in turn spoke to Amazon.

Another example located a server with user names, passwords, and email addresses for roughly 22,000 people. The data was associated with a defunct app called “At the Pool,” and it was unknown as to how long the data had been exposed for.

The situation comes at a time when large tech firms are facing a number of data privacy scandals. These include data sharing deals with companies like Apple, Amazon, Microsoft, and Sony, plus people being able to look up strangers based on phone numbers submitted for two-factor authentication. In late March Facebook was found keeping “hundreds of millions” of unencrypted passwords on internal servers.

Facebook could potentially end up paying billions in U.S. fines as a result of these breaches. 

Stay tuned for additional details.

Via AppleInsider and Bloomberg