In the latest security gaffe for Facebook, millions of private records from the platform’s users have been found unprotected on Amazon’s cloud servers.
As reported by Bloomberg, the latest heap of unsecured private Facebook data was discovered by the cybersecurity firm, UpGuard. It is believed that the millions of user records were inadvertently uploaded to Amazon’s servers which are publicly accessible.
This latest security breach comes after Facebook was recently found to be receiving highly sensitive, personal health data from third-party apps, unbeknownst to users. It also suffered a flaw last December where photos that Facebook users hadn’t uploaded were accessible by third-party developers.
Third-party databases with access to Facebook’s data were the culprit. UpGuard found Cultura Colectiva had openly stored 540 million of the Facebook records. Facebook shut down the database after Bloomberg notified the company about the problem.
A more concerning public database called “At the Pool” included “names, passwords and email addresses for 22,000 people.”
Bloomberg notes that Facebook has had a long history of loosely sharing its data with third-party companies and it has only more recently started changing those habits.
In addition to the millions of private Facebook records that UpGuard has already found, the firm says that there are 100,000 public Amazon-hosted databases, so more private data is likely to be unintentionally out there.