No Privacy: Facebook User Pages Exposed To ‘3rd Parties’

X

Security experts Symantec has discovered a glitch in Facebook’s settings which allows advertisers access users private pages.

  The Social Network has accidently leaked ‘tokens’ to third parties which allowed them look at users profiles, pictures, chat and other private data , according to Nishant Doshi, from Symantec.

Doshi and colleague Candid Wueest first discovered the leak, and over the past 3 years hundreds of thousands of applications uploaded may have inadvertently leaked millions of access tokens to third parties.

The ‘tokens’ generally act as a backup method of accessing information and were leaked when uploading new web applications like games onto its platform.

20 million such apps are uploaded daily, and the breach is said to have been taking place since 2007.

“Third parties, in particular advertisers, have accidentally had access to Facebook users’ accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information” said Doshi in a blog.

“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.”

However, luckily, the third-parties which includes ‘advertisers and analytic platforms’ may not have realized their ability to access this information.

 

“We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue,” Symantec confirmed. “Access tokens are like ‘spare keys’ granted by you to the Facebook application. Applications can use these tokens or keys to perform certain actions on behalf of the user or to access the user’s profile. Each token or ‘spare key’ is associated with a select set of permissions, like reading your wall, accessing your friend’s profile, posting to your wall, etc,” according to the blog.

Facebook also admitted the error, and have notified changes on their end to prevent such leakages from reoccurring.

ELX DIG Crosscat Promo 728x90 Mar25 No Privacy: Facebook User Pages Exposed To 3rd Parties
BEL2535 BPB024 4SQ Banners 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
FLOODLIGHT 2024 Banner 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
GOTHAM 728px x 90px No Privacy: Facebook User Pages Exposed To 3rd Parties
250527 SAV Channel news June25 Leaderboard 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
HAIER Series 600 FLW HPD Pairs 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
Hisense KV BannerAd 728 90 No Privacy: Facebook User Pages Exposed To 3rd Parties
4Square Media Banner Ads Update at 5 July JSAU05JUL1 MR 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
FA 979 HN MDF SG14 14gen 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
Flick of a switch 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
4Square Media Banner Ads Update at 5 July JSAU05JUL1 Buddy 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
Uniden Channelnews SoloX July 2024 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
BlueAnt 4SQM PumpAirUltra 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
JBL TourPro3 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Px7 S3 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Marshall 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
Westan 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
appliance retailer leaderboard may 728x90 Hitachi updated No Privacy: Facebook User Pages Exposed To 3rd Parties
ChannelNews AZ100 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
AU X8 Banner 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
MOTO 36331576 Q3 Ad Banners 728x90 2 No Privacy: Facebook User Pages Exposed To 3rd Parties
Skullcandy 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
728 x 90 No Privacy: Facebook User Pages Exposed To 3rd Parties


YOU MAY ALSO LIKE