It seems that the problems of the social network giant Facebook and the sharing of user data are endless. As now according to the latest reports, recently, a well-known and popular Quiz application on the social network giant Facebook’s platform accidentally exposed data of 120 million users.
OMG! This Quiz App Left 120 Million Facebook Users’ Data Exposed
The problems of the social network giant Facebook and the sharing of user data seems to be endless. After all the Cambridge Analytica scandal, and what the company has done to solve it, they insist on creating new worrying situations.
The latest one has emerged now and affects more than 120 million users who have seen their data and their friends’ data made public once again as a result of using a survey app.
The new problem came from the NameTests.com app, which created several questionnaires to get information from users. This time it was not a direct sharing, but a security breach that made this data accessible to anyone.
Discovered by security researcher Inti From Ceukelaire, the fault is in the way data is stored and access to it can have these. With simple code, it is possible to obtain all the detailed information of the users who used these questionnaires.
To prove the problem, and announce to the world its existence, Ceukelaire published in detail about the situation and created a video which shows how these data can be obtained.
In addition to this direct access to the data, it was revealed that these could be obtained even after the connection of this app to Facebook was removed, which proves that they were not deleted.
The NameTests.com questionnaires are used by more than 120 million users, this being the spectrum of users whose data has been accessible to obtain.
As soon as he discovered the problem, on April 22 of this year, Ceukelaire immediately reported it to the social network giant Facebook, which tried to change the way the website NameTestes.com processes the data it receives from the social network and the problem was solved last 25 of June.
Data Abuse Bounty report results in fixed third-party bug We wanted to call out a fix by nametests.com that happened…
As a reward for having discovered this flaw, and under the Data Abuse Bounty Program, a reward of $400,000 was awarded. Interestingly, and because the prize was offered to the Freedom of the Press Foundation, this went on to be $8000.
After reviewing and resolving the issue, NameTests.com has revealed that there is no evidence that this data has been exploited by third parties.
Even with these safeguards, it should be noted that the privacy policies of these apps state that the data used can be used to display advertising to users.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.