Over 540 million Facebook accounts leaked on Amazon
Cybersecurity firm UpGuard says a database containing information from more than 540 million Facebook user accounts is being leaked online.
Specifically, this data set is said to contain more than 146 GB of information data of more than 540 million Facebook user accounts. This includes information such as comments, likes, emoticons, account names, Facebook user IDs, etc.
The second leaked data set involved an app integrated into the Facebook platform called “At the pool” and exposed around 22,000 passwords.
The leaked database also contained data on users' friends, likes, groups, and places they checked in.
 |
Both of these data sets are stored in multiple buckets (a fancy term for the data storage part of cloud technology) of Amazon's simple, unsecured Amazon S3 cloud storage service.
Anyone could access the information without a password. After the incident was discovered, these buckets were either secured or taken down.
It is not yet known how long the data has been publicly available or how many times it has been accessed or downloaded from the server, but Facebook has contacted Amazon to disable access to it after being notified.
"Facebook strictly prohibits storing its information in public databases. We have worked with Amazon to take down that data. We are committed to working with developers on our platform to protect user data," a Facebook representative said.
Security experts are also advising all Facebook users, especially those who used the app at the Pool system, to immediately change their passwords. Just a few weeks ago, Facebook engineers discovered that the usernames and passwords of hundreds of millions of users were stored in plain text on one of its servers, accessible to thousands of employees.