Skip to main content

Another Facebook Breach Exposes Intimate Details of 3 Million People

Huge new Facebook data leak exposed intimate details of 3m user

We all know about how Cambridge Analytica, which harvested personal data through Facebook’s database, was caught a few months ago. A new shocking report somewhat related to this case has emerged which suggests that data of 3 million people gathered by another researcher has been available for free on the internet and could be downloaded by almost anybody for four years.

This time, the data was harvested through another personality app called myPersonality. New Scientist reported that this data harvest was overseen by University of Cambridge’s Psychometrics Center deputy director, David Stillwell for educational purposes and it was distributed among researchers over the web.
These scores are used in psychology to assess people’s characteristics, such as conscientiousness, agreeableness and neuroticism. The credentials also allowed access to 22 million status updates from over 150,000 users, alongside details such as age, gender and relationship status from 4.3 million people.
The personality test app was active from 2007 to 2012, it was a side project of David Stillwell and Michal Kosinski. Interestingly, Aleksandr Kogan was also previously a part of this project, however, do note that there’s no relation between Cambridge Analytica and the University of Cambridge even though they have similar names.

myPersonality

myPersonality was used by more than 6 million people who responded to its surveys and half of those users gave consent to the app to access their profiles.
By getting access, the app was able to monitor statuses, likes, demographics, and pretty much everything other than private messages or friends list. This app, however, respected anonymity and never disclosed names of the profiles. It distributed data solely for research purposes and never let the information be “traced back to the individual user”.

Sensitive Info

This does not mean that the data was useless, it contained sensitive material and psychological tests that can easily be misused if they got into the wrong hands. “This type of data is very powerful and there is real potential for misuse,” said Online Privacy Foundation’s Chris Sumner.
To gain access, you would have to register as a trustworthy collaborator – more than 280 entities, from 150 institutions including Microsoft, Google, and Facebook signed up to get access to the full data. A permanent academic contract was required to get the full data, individuals with no such background were not entitled to access.
This data was stored unprotected and could be easily albeit illegally accessed by almost anyone with a computer and a working internet connection.

Traceable

The data was crucial, even though the collectors assured that it could not be traced back to its owners, it was still quite possible for malicious users to narrow down their searches with the right tools and time due the poor security provisions.
“You could re-identify someone online from a status update, gender and date,” says Paul Dixon, from the World Privacy Forum
For those who were not entitled to myPersonality’s data, they could easily use someone else’s account credentials to get access to the rich database.
A lecturer posted his username and password on GitHub so that students can also use this data, anyone could use these credentials with minimal computer technique. When prompted, Stillwell defended his application by saying that,
myPersonality collaborators have published more than 100 social science research papers on important topics that advance our understanding of the growing use and impact of social networks. We believe that academic research benefits from properly controlled sharing of anonymised data among the research community.


Free Access

Facebook’s third-party data access did make it easier for users to connect, but also allowed critical leaks as information stored on its platform can be used for a number of purposes, both political and non-political, and is a vital asset for market researchers.
Facebook’s product partnerships VP, Ime Archibong said,
We suspended the myPersonality app almost a month ago because we believe that it may have violated Facebook’s policies. We are currently investigating the app, and if myPersonality refuses to cooperate or fails our audit, we will ban it.
The recent Cambridge Analytica allegations caused Facebook to overhaul its platform and get rid of hundreds of apps it found to be misusing data. myPersonality was removed off of the system during this overhaul but has been collecting data for quite some time now.
For a complete refresher on the Cambridge Analytica scandal, check out our previous coverage.
To read the full report by New Scientist, click this link.

Comments

Popular posts from this blog

Honda Launches the CR-V SUV in Pakistan

The 2018 Honda CR-V has been launched in Pakistan and it looks charming. Honda has finally launched the 2018 Honda CR-V in Pakistan. This Sports Utility Vehicle (SUV) has proven to be pretty popular around the world with an average of 300,000 units sold annually. In Pakistan, the Honda CR-V is gaining the popularity and attention of local auto enthusiasts. Honda CR-V 2018 was recognized as ‘2018 Motor Trend SUV of the year’ recently as well. The international model of CR-V has these four variants: Honda CR-V LX (Standard), Honda CR-V EX, Honda CR-V EX-L, Honda CR-V Touring. The CR-V offers pretty great features when you look at it. Let's take a look at what Honda Compact Recreational Vehicle (CR-V) has to offer. Exterior Because of its shiny new sporty-looking exterior, the vehicle is placed in small sports utility vehicle’s category. The exterior, no doubt, makes you want to look twice as some modifications to the previous model have been made. ...

Develop your own game by learning these free courses

We recently recommended courses you should learn before you will launch your first startup in order to avoid some common mistakes. In Quick Tips today, we’ll recommend you some free courses that will help you make your first game and begin your career as a developer. Before we highlight the details of the courses you ought to take, here are some introductory courses which will prepare you to learn these courses more effectively; Java Programming Basics  – Prepare yourself for programming on Android and the Web Introduction to JavaScript  – Create animations and understand variables and strings. When you have gone through those courses above then proceed to ones given below to develop your first game: 1. Create a 2048 game in just 1 day For those who have zero experience in programming and don’t want to take the above courses, then enroll in this course from Udacity. You will learn the basics of HTML and CSS as well as their interaction with JavaScript. ...

New iPhone X SE renders leave nothing to the imagination

iPhone SE 2 or whatever Apple may call it when it will be officially announced, looks quite close to becoming a reality. The Cupertino giant seems to be gearing up the launch of its next mid-range smartphone as the recent renders revealed by  Phone Arena  affirms the previous leak of  Olixar iPhone SE 2018  screen protector. Apple’s iPhone SE 2 that earlier surfaced in a hands-on video with a design quite identical to Apple’s tenth anniversary smartphone iPhone X, has recently been affirmed in renders by Phone Arena with quite an investigative report.  “The iPhone SE 2 is now rumored to have a similar bezel-less design, complete with a notch, just like the X, and is, indeed, closer to reality than ever before” , the report states. Nayatel Partners With Kaspersky to Offer Total Security to Its Users Apple’s iPhone X SE has been previously spotted in sketches posted by  BGR , which shows that the smartphone may featu...