Facebook Flaw Allowed Thousands Of Developers To Gather Personal Data

5,000 developers were mistakenly allowed to gather information from people’s Facebook profiles after a time limit on their rights had expired, according to BBC News. Apps on Facebook are supposed to be prevented from accessing people’s personal data if the app has not been used for 90 days, but this lock-out has not always worked due to a flaw in how it recorded inactivity. Facebook gave an example of the error in action, explaining that if two Facebook friends had both used an app, and only one was still using it after 90 days, the app might gather personal information from the inactive friend. It also said that the information developers could access was restricted by the permissions users agreed to when they first signed up to the app.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
July 3, 2020 7:23 pm

Social media effectively acts as a double edged sword. The more personal data you put on Facebook, the more you will potentially gain from it. However, before placing data on an open forum such as social media, users must think twice about their privacy and realize that they could theoretically lose control of their information at some point in time.

Posting anything personal such as your birthday, address or your children’s information, means that this can be used against you in the wrong hands. Developers can be trusted, but if this flaw enabled them to view data behind permissions, it must be assumed that such restricted information is now out there.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x