Security researchers have found hundreds of millions of Facebook user records sitting on an inadvertently public storage server.
The two batches of user records were collected and exposed from two third-party companies, according to researchers at security firm UpGuard, who found the data.
In the researchers’ write-up, Mexico-based digital media company Cultura Colectiva left more than 540 million records — including comments, likes, reactions, account names and more — stored on the Amazon S3 storage server without a password, allowing anyone to access the data. Another backup file on a separate storage server by defunct California-based app maker At The Pool contained even more sensitive data, including scraped information on more than 22,000 users, such as a user’s friends lists, interests, photos, group memberships and check-ins.
Source: TechCrunch