Facebook suspends app after discovering security holes that expose user data


An academic project conducted by researchers at Cambridge University has been suspended by Facebook after it was found that the data of some three million users had been compromised.

The project took the form of an app on Facebook known as myPersonality which allowed users to take psychological tests that revealed intimate details about themselves. The New Scientists reports that as many as six million users completed the tests and three million chose to share their Facebook data with the researchers.

This data was then anonymous and shared with others. To get access to the data one would have to register as a collaborator on the project, but companies could also pay to access the data though they weren’t allowed to earn money from it.

The trouble with all of this is that the Cambridge University researchers left the front door of their highly sensitive survey open.

Advert

There was reportedly a working username and password available online that allowed anybody with Google and the right keywords access to the personal, often intimate, data of some three million users. The long and short of it is that the data of that many users might have been exposed.

The myPersonality app had been collecting data for four years before it was suspended by Facebook last month.

Facebook vice president of product partnerships Ime Archibong told The Register, “We suspended the myPersonality app almost a month ago because we believe that it may have violated Facebook’s policies.”

This suspension is temporary but Facebook is investigating the app and will ban it permanently if refuses to co-operate or fails an audit.

The social network appears to be taking the misuse of user data by apps rather seriously. Since March of this year, Facebook has suspended some 200 apps that it suspects might have been misusing data.

Users will be informed as to whether their data was compromised by an application much like they were with the Cambridge Analytica saga.

Speaking as a Facebook user, perhaps it’s time to stop letting anybody that wants to collect data gain access to the database that is Facebook.

 

[Image – CC BY 2.0 Book Catalog]

Join the conversation

Advert