Facebook Inc. user data is still showing up in places it shouldn’t.Researchers at UpGuard, a cybersecurity firm, found troves of user information hiding in plain sight, inadvertently posted publicly on Amazon.com Inc.’s cloud computing servers. The discovery shows that a year after the Cambridge Analytica scandal exposed how unsecure and widely disseminated Facebook users’ information is online, companies that control that information at every step still haven’t done enough to seal up private data.In one instance, Mexico City-based digital platform Cultura Colectiva, openly stored 540 million records on Facebook users, including identification numbers, comments, reactions and account names. The records were accessible and downloadable for anyone who could find them online. That database was closed on Wednesday after Bloomberg alerted Facebook to the problem and Facebook contacted Amazon. Facebook shares pared their gains after the Bloomberg News report.Another database for a long-defunct app called At the Pool listed names, passwords and email addresses for 22,000 people. UpGuard doesn’t know how long they were exposed, as the database became inaccessible while the company was looking into it.Facebook shared this kind of information freely with third-party developers for years, before cracking down more recently. The problem of accidental public storage could be more extensive than those two instances. UpGuard found 100,000 open Amazon-hosted databases for various types of data, some of which it expects aren’t supposed to be public.“The public doesn’t realize yet that these high-level systems administrators and developers, the people that are custodians of this data, they are being either risky or lazy or cutting corners,” said Chris Vickery, director of cyber risk research at UpGuard. “Not enough care is being put into the security side of big data.”Related Stories:Facebook suspends tens of thousands of apps in response to Cambridge Analytica rowJudge lets Facebook privacy class action proceed, calls company’s views ‘so wrong’Big tech probes could break up firms, result in huge fines, or neitherCultura Colectiva is a digital platform that posts stories about celebrities and culture and largely targets a Latin American audience. The company’s website says it creates content through data and technology and has more than 45 million followers on Facebook, Instagram, Twitter, YouTube and Pinterest.Facebook for many years allowed anyone making an app on its site to obtain information on the people using the app, and those users’ friends. Once the data is out of Facebook’s hands, the developers can do whatever they want with it.About a year ago, Facebook Chief Executive Officer Mark Zuckerberg was preparing to testify to Congress about a particularly egregious example: A developer who handed over data on tens of millions of people to Cambridge Analytica, the political consulting firm that helped Donald Trump on his presidential campaign. That one instance has led to government probes around the world, and threats of further regulation for the company.Last year, Facebook started an audit of thousands of apps and suspended hundreds until they could make sure they weren’t mishandling user data. Facebook now offers rewards for researchers who find problems with its third-party apps.A Facebook spokesperson said that the company’s policies prohibit storing Facebook information in a public database. Once it was alerted to the issue, Facebook worked with Amazon to take down the databases, the spokesperson said, adding that Facebook is committed to working with the developers on its platform to protect people’s data.In the Cultura Colectiva dataset, which totaled 146 gigabytes, it was difficult for researchers to know how many unique Facebook users were affected. UpGuard also had trouble working to get the database closed. The firm sent emails to Cultura Colectiva and Amazon over many months to alert them to the problem. It wasn’t until Facebook contacted Amazon that the leak was addressed. Cultura Colectiva didn’t respond to Bloomberg’s request for comment.This latest example shows how the data security issues can be amplified by another trend: the transition many companies have made from running operations predominantly in their own data centers to cloud-computing services operated by Amazon, Microsoft Corp., Alphabet Inc.’s Google, and others.Those tech giants have built multibillion-dollar businesses by making it easy for companies to run applications and store troves of data, from corporate documents to employee information, on remote servers.Programs like Amazon Web Services’ Simple Storage Service, essentially an internet-accessed hard drive, offer clients the choice of whether to make the data visible to just the person who uploaded it, other members of their company, or anyone online. Sometimes, that information is designed to be public-facing, as in the case of a cache of photos or other images stored for use on a corporate website.These Are the Worst Corporate Hacks of All TimeOther times, it isn’t. In recent years, information stored on several cloud services — U.S. military data, personal information of newspaper subscribers and cell phone users — has been inadvertently shared publicly online and discovered by security researchers.Amazon in the last two years has beefed up protocols to keep customers from exposing sensitive materials, adding prominent warning notices, making tools for administrators to more simply turn off all public facing items, and offering for free what was formerly a paid add-on to check a customer’s account for exposed data.“Originally I would have put a lot of this on AWS,” said Corey Quinn, who advises businesses that use Amazon’s cloud at the Duckbill Group, a consulting firm. But since Amazon has taken steps to address the issue, companies like Cultura should be aware, he said. “With all of this in the news, and all of this continuing to come out, if you’re still opening AWS buckets [to the public], you’re not paying attention.”Amazon isn’t the only company that periodically gets caught up in cases of private records mistakenly made public. But it has a wide lead in the business of selling rented data storage and computing power, putting a spotlight on Seattle-based company’s practices. An Amazon Web Services spokesman declined to comment.Bloomberg.com

admin | 3216976577@qq.com

Related Posts

first_imgThe tables have turned for a chef, who has now found himself in hot water after Police found an unlicensed shotgun along with live cartridges at the mining camp where he works.Reports are that ranks of F Division (Interior locations) received reports that someone at the mining camp had an illegal weapon. The ranks descended on the camp at Kupang Backdam, Cuyuni River, Region Seven (Cuyuni-Mazaruni) at about 10:00h on Friday and found the man alone.A search was conducted on the mining camp and the police found an unlicensed shotgun along with 29 live cartridges and an empty cartridge casing. The 38-year-old chef was immediately taken into Police custody where he is said to be co-operating with the police in their investigation.In February of this year, the police arrested a miner who was found with an unlicensed revolver along with matching rounds of ammunition at Obama Road, Upper Mazaruni.Reports are that the ranks at the time were acting on information when they conducted a search on the miner and found the .38 revolver along with 10 matching rounds of ammunition.Also last month, a shopkeeper was also taken into Police custody when he was found to be in possession of a shotgun at the Makari Landing, Upper Mazaruni River.The Plaisance, East Coast Demerara (ECD) man was observed by ranks who were on patrol duties to be acting in a suspicious manner.While he was being approached, he was seen throwing a long object into some nearby bushes. When the said object was retrieved, it was found to be an unlicensed gun.last_img

first_imgThe woman, who allegedly threw muddy gutter water on a group of People’s Progressive Party Civic (PPPC) protesters on July 19, 2019, at Barrack and High Streets, Georgetown, had the charge dismissed against her. The case was dismissed after the Virtual Complainant failed to show up on Tuesday at the Georgetown Magistrates’ Courts to give evidence. The case was called on several occasions but the VC was a no-show.At the court hearing, Cassandra Amsterdam, 24, a cosmetologist who is a squatter at Lot 48 Barrack and High Streets, Georgetown, appeared before Magistrate Rondell Weaver, who dismissed the charge.Reports are on July 19, as hundreds of PPP supporters were protesting in front of the Guyana Elections Commission, Amsterdam hurled expletives at the protesters and then proceeded into her home, brought out a cutlass and threatened the peaceful protesters.The woman, along with others in the yard, were seen with knives in their hands threatening the protesters. Several of the protesters said that Amsterdam then took a bucket and dipped it in a nearby gutter and threw the muddy water at them. She then ran inside, picked up a pitchfork and proceeded to exit the yard with intentions of confronting the protesters.Police ranks who were stationed at the protest quickly disarmed the pregnant woman and arrested her. She was then taken away in handcuffs.During her first court appearance, the woman claimed that on July 19, her child was asleep and the protesters were making “a set of unnecessary noise in front her house”.Amsterdam further claimed that she threw a cup of clean water into the crowd but it did not catch anyone, after which she apologised for the act.last_img

first_imgThe RCMP say a yellow Volvo MCT125C compact track loader, bearing serial number 2206582, was stolen from Great West Equipment in Charlie Lake May 6, 2015.  The unknown suspect(s) removed the compact track loader from a secure, fenced lot and loaded it onto an unknown truck.The RCMP needs your help to identify any witnesses, the suspects, the suspect vehicle or any information related to the whereabouts of the stolen property.If you have any information, contact the RCMP at 250-787-8100.  You can also contact Crime Stoppers and remain anonymous by calling 1-800-222-8477.- Advertisement –last_img

Leave a Reply

Your email address will not be published. Required fields are marked *