Facebook has been at the epitome of social networking business since its origination.
However, things have not been on the sunny side for Facebook, especially for the past few weeks.
To start off, the social media giant was evidently found (or rather, caught!) asking its newbie users to share their registered email account passwords on their social platform.
Not surprisingly enough, this move raised a lot of eyebrows and brought the social media monster under the security radar yet again.
However, that seems to have been, but the tip of an iceberg, as the week got worse for Facebook with a massive privacy breach which directly affects and compromises millions of its user database.
More than half a billion records of the social networking mammoth have been found to have been breached and exposed on an unprotected cloud server based on Amazon.
The number of user database that has been evidently “compromised” adds up to 540 million to be precise.
What’s more intriguing about this massive privacy breach phenomenon is that the exposed datasets do not originate directly from Facebook; instead, these collections of exposed database originate from the other third-party Facebook app developers.
This certainly raises the question on the integrity and the validity of the Facebook-supported third-party apps.
On further investigations, a Cybersecurity firm, UpGuard has revealed that the apparent “leak” in the vital information traces back to two third-party apps.
The first was from a company called Cultura Colectiva, which is a media company based in Mexico.
The second was from a third-party app called “At the pool,” which is a facebook-integrated third-part app.
Both these platforms were responsible for compromising the private data of millions of Facebook users by leaving them publicly accessible on the internet.
The first dataset belonging to Cultura Colectiva comprised of more than 146GB of collected data containing the privacy details of over 540 million Facebook users.
The compromised data information consisted of private records such as likes, account names, comments, reactions, Facebook user IDs, and many more.
The second dataset from the Facebook-integrated app, “At the pool” exposed the other private details of the users such as likes, groups, friends, checked-in location, plaintext passwords, names, and even the registered email addresses of more than 22,000 active Facebook users.
The most concerning aspect of the data breach was clearly the exposure of the plaintext passwords.
However, the people from the UpGuard firm cleared the air stating that the password database found from the “At the pool” app was not the genuine password of the users Facebook account.
However, the straightforward fact that the vast majority of the people use the same password for multiple accounts or apps poses a serious threat, as many of those passwords may be linked directly to the respective user’s Facebook account as well.
Facebook, over the years, have faced their fair share of data privacy practice.
This is primarily contributed to the fact that the vast proportion of its active users trusts the platform to record and store their vital private information.
Facebook, therefore, has made multiple attempts and implemented various steps to curb down the influence of the third-party apps on its platform.
However, with this recent development and exposure of vital private data, it has become quite apparent that protecting and securing such magnitude of data is proving to be n the herculean task and becoming inflexible day-by-day for Facebook to manage and control the exposure of their innumerable user privacy details.
The magnitude of Facebook user data has proliferated up to such extent where Facebook themselves are proving incapable of controlling such a vast amount of information, as per the experts from UpGuard.
The exposed datasets from both the third party app were stored in an unsecured Amazon S3 bucket.
However, after the report from UpGuard, the platform has been taken offline to discourage any kind of inessential misuse of such exposed data. Facebook has since then contacted Amazon to avoid such trivial incidents in the near future.
, after the report from UpGuard, the platform has been taken offline to discourage any kind of inessential misuse of such exposed data. Facebook has since then contacted Amazon to avoid such trivial incidents in the near future.
This recent development of Facebook data exposure has certainly shed some negative spotlight on the social media platform.
However, this is not the first time Facebook has come under the radar due to the incompetence of third-party apps and companies.
The infamous “Cambridge Analytica scandal,” which compromised the private data of more than 87 million Facebook users is one particular incident which the platform would like to erase from its user’s memory.
The Cambridge Analytica was supposedly a political firm, and they succeeded in collecting the private data of more than 87 million users over a harmless quiz app.
Facebook is now facing a generous fine of £500,000 as a result of the scandal.
Due to the occurrence of such scandal and data leaks from numerous third-party apps and companies, Facebook has taken some strict privacy actions and implemented stern privacy controls to limit the access of data through any third-party apps.
However, with the base figure of more than 2.3 billion users worldwide, Facebook is certainly facing their fair share of problems trying to ensure better privacy and data security to its users.