Facebook (NASDAQ:FB) had more than 540 million records regarding its users that were publicly exposed, according to a cybersecurity research firm.
UpGuard announced on Wednesday that this data was exposed on Amazon’s cloud computing service, as two third-party Facebook app developers posted these records for all to see. This marks the second such data breach for the social media site as the company faced a similar fate last year.
The firm said that a Mexico-based media company called Cultura Colectiva was to blame for the leak, exposing roughly 146 gigabytes of Facebook user data. This included account names, IDs, as well as details about comments and reactions to posts, although it’s unclear the number of individual users that had their data exposed.
There was also an app called At the Pool that exposed databases that included data regarding Facebook user IDs, friends, photos, as well as location check ins. The app also found unprotected Facebook passwords for 22,000 users. The app was designed to help people meet up for offline activities and it shut down in 2014.
UpGuard said it told Cultura Colectiva and Amazon about the breaches back in January, but no action was taken until yesterday morning. An Amazon “storage bucket” containing the data from Cultura Colectiva was reportedly secured, according to Facebook. The data from At the Pool made its way offline before UpGuard reached the business about it.
FB stock is up 1.3% Thursday.