Two separate exposures of sensitive information about Facebook users are the latest alarming discoveries by researchers at UpGuard. In both cases, the operators of third-party apps that connected to Facebook were storing data about people in Amazon Web Services S3 buckets configured for public access, said UpGuard, a Silicon Valley-based security company known for identifying misconfigured cloud services. One database originated with Mexico-based Cultura Colectiva, while the other was stored by the makers of an app called “At the Pool.” Both had been secured by Wednesday, UpGuard said. The Cultura Cultiva is the bigger of the two exposures, including 146 gigabytes of information about comments, likes, reactions, account names, Facebook IDs and more, UpGuard said. The “At the Pool” discovery, while not nearly as large, “contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users,” UpGuard said. The company appears to have ceased operation in 2014, but this “should offer little consolation to the app’s end users whose […]
The post Third-party Facebook apps left people’s data publicly exposed, researchers say appeared first on CyberScoop.
Continue reading Third-party Facebook apps left people’s data publicly exposed, researchers say→