Facebook Does It Again: Leaked Personal Data For Years

Must Read

Apple Has Finally Found The Right Partners To Launch Apple Cars By 2025

Rumours of a possible Apple Car in the making has been doing rounds for quite some time. But so...

IT Job Seekers Rejoice: Infosys To Hire 24,000 People From India!

IT job seekers can rejoice as there's a massive opportunity headed their way. The news related to Jobs at...

Google’s Dirty Secret Has Left Android Users In Australia Stunned, Strikes Back!

After going head-to-head with Google to make the search giant agreeing to its Media Bargaining Code, Australia is now...

Time and again, Facebook is at center of criticism for accidentally leaking personal information of users to advertisers and other third parties for years. It has been learned by Symantec that Facebook was unintentionally giving way for hackers to gain access over thousands of users’ profile from last four years – Since company started offering applications on its platform in 2007.

The unintended access included Photos, profile, chat and the ability to post message and mine personal information. Though, Facebook has claimed to address this issue and denied to obtain any evidence that any actual data was leaked due to such flaw, it puts the company’s services & security measures back on debate board.

Symantec has claimed that “security process which allows access to any third-party application” holds (was) major flaw. However, there are chances that many third-party app developers didn’t realize such security threat.

Advertisements

Generally Facebook assigns a “Token” to every third-party application using which app can access user’s information. These tokens are valid for certain time duration – in some cases until user change his password. Though, Facebook has started using OAUTH2.0, legacy authorization system is still in place and getting used by many app developers. Symantec explains that possible leak of these tokens happens when user get redirected to permission page through a client side redirect with this token code integrated in URL using normal HTTP access.

To encounter this exposure Facebook has released a clarification email stating “We’ve conducted a thorough investigation which revealed no evidence of this issue resulting in a user’s private information being shared with unauthorized third parties,” Interestingly, they didn’t bother to mention how exactly the company conducted its study.

Earlier, Facebook has been criticized several times for various security loop holes and failing to take adequate measurement for users’ personal date. In January this year, it was Mark Zuckerberg – CEO of Facebook – who faced the heat when his fan page got hacked with the message “Let the hacking begin: If Facebook needs money, instead of going to the banks, why doesn’t Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a ‘social business’ the way Nobel Prize winner Muhammad Yunus described it? [LINK] What do you think? #hackercup2011″.

Facebook has recently announced an update to their Developer RoadMap. The details of this update can be found here: https://developers.facebook.com/blog/post/497

LEAVE A REPLY

Please enter your comment!
Please enter your name here
Advertisements

Latest News

Facebook Is Waging A Full-Blown War Against Clubhouse!

Facebook is all set to wage a full-blown war against Clubhouse, the newest and hottest entrant in the social...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This