The sensitive information of 540 million Facebook users has been exposed on Amazon Web Services. The breach was uncovered by cyber security firm UpGuard and includes things such as comments, FB IDs, and account names. The problem was discovered January 28th, and reported to AWS on February 1st.
UpGuard goes on to say that when it returned on February 21st to check up on the vulnerability and see that it had been fixed, its found that its warnings had gone unheeded. It was only after Bloomberg News contacted Facebook for comment on the breach on April 3rd that the breach was finally fixed.
Facebook Third Part App Security
In its assessment of the situation, UpGuard highlights the problem of user data vulnerability being inherent to Facebook’s app developers collecting information about users. The disconnect lies in the fact that although Facebook facilitates the data being transferred, it has no responsibility to subsequently ensure the protection of that data.
Facebook has been hit with a number of security breaches in recent memory. However, given the company’s business model of allowing third-parties access to their users, it’s unlikely that changes, if any, will be coming in the near future.