Jump to content

Over 540 Million Facebook User Records Were Found on Amazon Cloud Servers


The AchieVer

Recommended Posts

The AchieVer

Over 540 Million Facebook User Records Were Found on Amazon Cloud Servers 

Security researchers from the UpGuard Cyber Risk team have reported today that they’ve found two datasets with more than 540 million Facebook user records on the Amazon cloud servers. 

Security researchers from the UpGuard Cyber Risk team have reported today that they’ve found two datasets with more than 540 million Facebook user records on the Amazon cloud servers. 

Totaling 146GB of leaked data, the first dataset came from a Mexican-based media company called Cultura Colectiva and contained records of user activity, such as comments, reactions, likes, friends list, interests, groups, checkins, events, music, movies, photos, and more, as well as account names and Facebook IDs. 

The second leaked dataset appears to be a backup from a third-party, Facebook integrated app called “At the Pool,” which contained the same user activity as above and user passwords. However, the researchers said that the passwords appear to be from the third-party At the Pool” app rather than Facebook accounts. 

But, it users have used the same passwords on both their Facebook accounts and the third-party “At the Pool” app, they are currently at risk for someone to hack their accounts. The researchers also said that the data has been removed after they’ve contacted Facebook. 

“At the Pool ceased operation in 2014, and even the parent company’s website is currently returning a 404 error notice,” said the researchers. “This should offer little consolation to the app’s end users whose names, passwords, email addresses, Facebook IDs, and other details were openly exposed for an unknown period of time.” Facebook passwords of 22,000 users were exposed The user records found by the researchers in an Amazon S3 bucket, which was configured to allow download of files to anyone, contained Facebook passwords of 22,000 users. There’s no telling who had access to this data and how long it was exposed to the general public, so it is currently considered a high security risk. 

Therefore, we recommend all Facebook users, especially those who have used the “At the Pool” app, to immediately change their passwords. Just a few weeks ago, Facebook engineers discovered that the usernames and passwords of hundreds of millions of users were kept in plain text in one of their servers, accessible to thousands of employees.
 
 
 
 

 

Link to comment
Share on other sites


  • Views 375
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...