Jump directly to the content
IN PLAIN SIGHT

Facebook ‘left HALF A BILLION users’ private data exposed on Amazon’s cloud servers in latest security breach’

At least 540million records on Facebook users have been stored on the servers and includes information like identification numbers, comments, reactions and account names

HALF a billion records of Facebook users' private data have been sitting in plain sight on Amazon cloud servers, security researchers have revealed.

The shocking discovery was made by researchers at UpGuard, a cybersecurity firm, according to .

 Researchers at UpGuard found that huge amounts of user data was being stored on the servers
3
Researchers at UpGuard found that huge amounts of user data was being stored on the serversCredit: Getty Images - Getty

The revelation is just the latest of security blunders by the social media giant.

It comes just a year after the Cambridge Analytica scandal exposed just how unsecure Facebook users' information was when it was revealed more than 87m users' date had been collected and shared with the Trump-affiliated campaign research firm.

Researchers found that Cultura Colectiva, a media company based in Mexico City, openly stored 540million records on Facebook users with the information including identification numbers, comments, reactions and account names.

The database has since been closed after Facebook was alerted.

Data from 22,000 users of the now-defunct Facebook-integrated app At the Pool was also stored on the Amazon cloud servers.

However the problem could even be more widespread than that as UpGuard discovered 100,000 open Amazon-hosted databases hosting various types of data, some of which is suspects should not be public.

None of the cloud servers were password protected.

Chris Vickery, director of cyber risk research at UpGuard said: “The public doesn’t realise yet that these high-level systems administrators and developers, the people that are custodians of this data, they are being either risky or lazy or cutting corners.

"Not enough care is being put into the security side of big data."

Chris Vickery, director of cyber risk research at UpGuard

"Not enough care is being put into the security side of big data."

Researchers at the company wrote: "As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third party access.

"But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users has been spread far beyond the bounds of what Facebook can control today."

A Facebook spokesperson said: “Facebook’s policies prohibit storing Facebook information in a public database."

They added there was no evidence to show the data had been misused but the company had launched an investigation.

Facebook has recently made moves to crackdown on its use of personal data.

 reported that a grand jury has subpoenaed records from at least two prominent makers of smartphones and other devices.
Both companies are among more than 150, including Amazon, Apple and Microsoft, that struck deals with Facebook for access to the personal information of hundreds of millions of its users.

Under the terms of those deals, Facebook reportedly allowed device makers access to friend lists, contact information, and sometimes even private messages — and not always with consent.

Facebook is facing a slew of lawsuits and regulatory inquiries over its privacy practices, including probes by the US Federal Trade Commission and two state agencies in New York.

Facebook said it was cooperating with investigators in multiple federal probes, without addressing the New York grand jury inquiry specifically.

"We've provided public testimony, answered questions, and pledged that we will continue to do so," Facebook said in a statement.

Facebook has defended the data-sharing deals, first reported in December, saying none of the partnerships gave companies access to information without people's permission.

Facebook ‘criminally investigated’ over deals that gave Apple and Amazon access to personal data’
 Cultura Colectiva hosted more than 540m records of user information on the clouds
3
Cultura Colectiva hosted more than 540m records of user information on the cloudsCredit: AP:Associated Press
 Facebook is facing a slew of lawsuits and regulatory inquiries over its privacy practices
3
Facebook is facing a slew of lawsuits and regulatory inquiries over its privacy practicesCredit: AFP or licensors
Facebook tells users if they had data stolen by Cambridge Analytica with 'protecting your information' link on news feeds


We pay for your stories! Do you have a story for The Sun Online news team? Email us at [email protected] or call 0207 782 4368. You can WhatsApp us on 07810 791 502. We pay for videos too. Click here to upload yours.