Facebook is facing yet another incident of users’ data being exposed, this is the latest in a number of data breaches since 2018.
Australian cybersecurity company, UpGuard, discovered a large cache of data during routine checks on the Amazon S3 servers containing more than 540 million Facebook user records including account names, ID numbers, reactions, and comments. In UpGuard’s write-up of the incidents, the company stated that the dataset had originated from Mexico-based media company, Cultura Colectiva.
The information was accessible to anyone visiting the public servers and was available for a number of months. Cultura Colectiva told Reuters in a statement, “We are aware of the potential uses of data in current times, so we have reinforced our security measures to protect the data and privacy of our Facebook fan pages’ users.”
A second, smaller dataset was also found, originating from an app called “At The Pool” which exposed approximately 22,000 Facebook user passwords. According to UpGuard, At The Pool had ceased operating in 2014 leaving the data exposed for an unknown length of time.
Facebook has said their policies prohibit data being stored on databases that are accessible to the public and that Amazon has since assisted them in removing the sensitive information.
Facebook is still currently under investigation by the Federal Trade Commission and could still face a hefty fine after it was found that 87 Million users personal data had been collected by Cambridge Analytica.
The Facebook data was not the only find during UpGuard’s examination of the Amazon servers as they also discovered 14 million Verizon customer records and records of 1.8 million Chicago voters among other confidential information.