Facebook Bug Exposed Users’ Likes And Interests, And Their Friends Data Too

The existence of yet another Facebook vulnerability that affected user data was revealed this week by security company Imperva. This latest bug, which was resolved in May, allowed websites to gather private information from Facebook users—and their friends, too. Some of the information this bug exposed included likes, interests, demographics and more.

According to security researcher Ron Masas, hackers could’ve exploited a flaw in Facebook’s search results that left it vulnerable to attack. If users happened to visit a website run by bad actors, that site could’ve quietly embedded a tool called an IFRAME to collect that user’s information from their logged-in Facebook profile.

“This allowed information to cross over domains—essentially meaning that if a user visits a particular website, an attacker can open Facebook and can collect information about the user and their friends,” Masas said. “The vulnerability exposed the user and their friends’ interests, even if their privacy settings were set so that interests were only visible to the user’s friends.”

Thankfully, this bug was detected and eliminated back in May, and Facebook says that it has seen no signs of abuse. However, it’s still troubling that flaws this major are still routinely discovered in the largest social media platform in the world.



Recommended Resources

bitdefender Bitdefender 2019 solutions stop attacks before they even begin. Try 90 days free of Bitdefender Total Security 2019

PIAPrivate Internet Access is an award-winning, cost-effective VPN solution. The use of an anonymous and trusted VPN is essential to your online privacy, security and identity protection.

System Mechanic 14 – Make your computer run like new. Winner of 200+ Editor’s Choice awards!

Digital Rights Groups Want You To Know Why Facebook Posts Are Removed Previous post Digital Rights Groups Want You To Know Why Facebook Posts Are Removed Facebook Wants To Use Your Family Photos To Target Ads Next post Facebook Wants To Use Your Family Photos To Target Ads