Security researchers today said they found data on 540 millions of Facebook users on Amazon's cloud servers.
The researchers safety from the team UpGuard Cyber Risk, reported today that they found a total of 146GB of data on Amazon's cloud servers, split into two large chunks. The first piece of data comes from a media company called Cultura Colectiva and contains archives of user activity such as comments, reactions, friends, interests, groups, checkins, events, photos and more, as well as Facebook account names and IDs.
The second piece of the leak appears to be one copy security from a third-party Facebook-integrated app called “At the Pool,” which included the same data with the previous track plus the users' passwords. However, the researchers said the passwords appeared to come from the At the Pool app, rather than the Facebook accounts.
But, the users have used the same passwords on both their accounts, i.e. Facebook and the “At the Pool” app, they risk losing their accounts. The researchers also said the data has been removed after contacting Facebook.
The At the Pool application stopped 2014 and the company website is currently returning an 404 error notification. This means that exposed names, passwords, emails, Facebook IDs and other details were open to each attacker for an unknown period of time.
Therefore, the security company recommends to all Facebook users, especially those who have used the application "At the Pool", to immediately change their passwords. Just a few weeks ago, engineers Facebok discovered that user names and passwords of hundreds of millions of users were kept as plain text on one of their servers and accessible to thousands of employees.