The security researchers have found hundreds of million of Facebook users records, which were found on an exposed public storage servers.
According to researchers at security firm UpGuard, “Two Batches of Users Were Collected and Exposed From Two Different Third Party Companies”.
According to the researchers write-up, Cultura Colective a Mexico based digital media company. which has left over 540 million users records.
These Facebook users records have included comments, likes, reactions, account names and more, and this all data is stored in Amazon S3 storage and without any password, which simply means that any individual from anywhere could easily access and check the users details.
Another backup file which was found on the separate storage server Defunct, which is California based app maker at The Pool that contained even more sensitive data.
These Facebook users data that includes scraped information on more than 22,000 users, such as user’s friend lists, interests, photos, group memberships and check-ins.
According to UPGuard Researchers, the company has not responded to requests to have the data removed.
Facebook has also contacted the Amazon to put the entire data offline, a Facebook spokesman has told the TechCrunch.
“Facebook’s policies prohibit storing Facebook information in a public database,” said the spokesperson. Facebook said there is no evidence yet to show the data has been misused but that it was investigating.
It seems to be the latest data lapse in the social media giant after the Cambridge Analytica scandal in 2018, which has more than 87 million Facebook user records that was scraped without the consent by the U.K.-Based Political Data Firm.
The company has illegally used the data to build the profiles on voters, which will help the presidential campaigns for Ted Cruz and later for Donald Trump.
UpGuard which has found a batch of scraped Facebook profiles which involves 48 million records in 2018 from LocalBlox, a data firm which scrapes data from social media profiles.
Chris Vickery, director of cyber risk research at UpGuard, told TechCrunch: “These finds continue to highlight the problems which plague companies that depend on mass data collection.”
“Storing personal information collected from end users is a liability,” said Vickery. “The more you have, the greater that liability becomes.”