Another Day, Another Story About Exposed Facebook User Data

“The data genie cannot be put back in the bottle.” That’s the takeaway from the latest story of Facebook’s reckless data sharing.

This time around, cybersecurity firm Upguard found two publicly available Facebook user datasets, originally shared with third-party app developers who failed to safeguard them. Mexico-based media company Cultura Colectiva stored hundreds of millions of records on Amazon’s servers, and Facebook-integrated app At the Pool, now defunct, left the plain-text passwords of 22,000 users of that app in plain sight.

Particularly concerning is that Upguard reportedly notified Facebook of the Cultura Colectiva exposure in January and was ignored. It wasn’t until the company notified Amazon of the issue in late January that the latter company went to Cultura Colectiva, and the situation was not resolved until Wednesday.

While we don’t yet know if any nefarious activity took place as a result of this latest news of Facebook user information’s exposure to third parties, the bottom line, as per the pithy genie line above, is that Facebook handled user data so recklessly for so long that there’s no guarantee the company can prevent exposure going forward. That means, potential regulations for which Mark Zuckerberg is now calling notwithstanding, the end of the Facebook privacy-breach saga is likely not in sight.