No Privacy: Facebook User Pages Exposed To ‘3rd Parties’

X

Security experts Symantec has discovered a glitch in Facebook’s settings which allows advertisers access users private pages.

  The Social Network has accidently leaked ‘tokens’ to third parties which allowed them look at users profiles, pictures, chat and other private data , according to Nishant Doshi, from Symantec.

Doshi and colleague Candid Wueest first discovered the leak, and over the past 3 years hundreds of thousands of applications uploaded may have inadvertently leaked millions of access tokens to third parties.

The ‘tokens’ generally act as a backup method of accessing information and were leaked when uploading new web applications like games onto its platform.

20 million such apps are uploaded daily, and the breach is said to have been taking place since 2007.

“Third parties, in particular advertisers, have accidentally had access to Facebook users’ accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information” said Doshi in a blog.

“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.”

However, luckily, the third-parties which includes ‘advertisers and analytic platforms’ may not have realized their ability to access this information.

 

“We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue,” Symantec confirmed. “Access tokens are like ‘spare keys’ granted by you to the Facebook application. Applications can use these tokens or keys to perform certain actions on behalf of the user or to access the user’s profile. Each token or ‘spare key’ is associated with a select set of permissions, like reading your wall, accessing your friend’s profile, posting to your wall, etc,” according to the blog.

Facebook also admitted the error, and have notified changes on their end to prevent such leakages from reoccurring.

MaxRanger4K Leaderboard 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
728x90 we see oled CN No Privacy: Facebook User Pages Exposed To 3rd Parties
Haier 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
240215 SAV R Volution CNewsFeb Leaderboard 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
denon perl white 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
JBL TourPro3 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
iP16 4SQRmedia 970 x 90 px 03 No Privacy: Facebook User Pages Exposed To 3rd Parties
Olimpia Splendid Unico Cooling 728x90 1 scaled No Privacy: Facebook User Pages Exposed To 3rd Parties
FA 979 HN MDF SG14 14gen 728x90 1 No Privacy: Facebook User Pages Exposed To 3rd Parties
CHRISTMAS 2024 Banner 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Westan 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
WEB BANNERS5 scaled No Privacy: Facebook User Pages Exposed To 3rd Parties
PAN2664 ChannelNews Banner CM3 728x90px V1 No Privacy: Facebook User Pages Exposed To 3rd Parties
728 x 90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Belkin Screen Protection 728 x 90 No Privacy: Facebook User Pages Exposed To 3rd Parties
728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Litheaudio 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
hitachi banner 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties
Emberton III BLACK 728x90 without CTA@2x No Privacy: Facebook User Pages Exposed To 3rd Parties
BlueAnt 4SQM PumpAirUltra 728x90px No Privacy: Facebook User Pages Exposed To 3rd Parties
05 Channel New Banner T30S COMBO 728x90 No Privacy: Facebook User Pages Exposed To 3rd Parties


YOU MAY ALSO LIKE