Facebook’s security nightmares don’t seem to have an end in sight. As Cambridge Analytica scandal marks a year, Facebook has let another major security gaffe happen at its end, which has resulted in millions of private records of its users stay unprotected on Amazon’s cloud servers. Cybersecurity firm, Upguard discovered unsecured private data of Facebook servers being hosted on Amazon Web Services. It states that millions of user records were uploaded to Amazon’s servers and they were publicly accessible without any oversight. The timing of this revelation could not have been any worse as its CEO Mark Zuckerberg is making rounds of world leaders to discuss regulation that would favor the social media giant.
The details of this new security neglect by the company comes after it was found receiving highly sensitive and personal health data from third-party apps. The Wall Street Journal reported that this data collection practice was unbeknownst to users. In December, Facebook failed to fix an issue where photos not uploaded by users where accessible by third-party developers. Upguard found third-party databases with access to Facebook’s were responsible for this security breach.
Cultura Colectiva, according to Upguard, had openly stored 540 million Facebook records, leading to this security gaffe. After Bloomberg notified the company, Facebook shut down the database. The concern here is a public database named “At the Pool”, which included “names, passwords and email addresses of 22,000 people.”
Watch: Samsung Galaxy A30, Galaxy A50 First Look
This is not the first time that Facebook has shared its data with third-party companies without proper security elements in place. After Cambridge Analytica scandal, which exposed user data of about 87 million users, Facebook announced that it will change that practice. The security firm also notes that there are 1 lakh public Amazon-hosted databases and there is possibility of more public data being out there.