Facebook apps have exposed users’ data yet again.
This time around, security researches from UpGuard found that more than 540 million Facebook records were stored on a public Amazon database and exposed to the public.
The data contained extensive details, including people’s comments, likes, names and Facebook IDs.
According to the researchers, two third-party Facebook apps collected the data.
“Facebook’s policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people’s data,” a Facebook spokesperson told CNET in a statement.
This comes on the heels of several other significant security issues. In March, Facebook accidentally stored hundreds of millions of passwords in plain text.
The social network’s recent misstep is another example of its issues with third-party apps. Last year, the Cambridge Analytica scandal revealed just how much data third-party apps could access and store.
According to UpGuard, this data exposure was caused by Mexico-based media company Cultura Colectiva and another app called ‘At the Pool.’
UpGuard says it notified Cultura Colectiva in January but didn’t receive a response. The database remained unsecured until April 3rd when Bloomberg — which broke the story — reached out to Facebook.
As for At the Pool, the company behind the app stopped operating in 2014. However, the database remained online and accessible to anyone who could find it.
Further, the database contained photos, events and passwords, although UpGuard believes the passwords were for the app and not for Facebook. Still, that’s 22,000 passwords stored in plain text. Considering people often use the same password multiple times, that’s a significant issue.