540 Million Facebook Records Left Exposed on Amazon Servers

breach alert - Facebook Data

What Happened?

On Wednesday, April 3, 2019, the cybersecurity company, UpGuard reported that it discovered two massive datasets containing information on more than 540 million Facebook users. The information had been uploaded to Amazon cloud servers by two separate third-party app developers and was left unprotected, open to access by anyone.

The first of these Facebook app developers is Mexico-based Cultura Colectiva, who was responsible for most of the exposed data. The company stored information including Facebook IDs and account names, along with user activity such as comments, likes, and reactions.

In the second batch of data found by UpGuard, a trove of backup data for a mobile app known as “At the Pool”, which went out of business in 2014, exposed the names, passwords, email addresses, and Facebook IDs of approximately 22,000 users.

Should I Be Worried?

This latest Facebook data breach shines a light on the trust we, as consumers, often put into large corporations around our privacy and security. Additionally, we must remain vigilant and not have blind trust in their ability to protect our sensitive personal information. Even though the data has since been removed by Amazon, if a cybercriminal gained access to it, they can easily resell it on the Dark Web or use it themselves to commit identity theft and fraud. 

3 Tips to Protect Yourself

  1. Access our Social Media Security Center. Review how you can protect yourself throughout various social media platforms, including adjusting your privacy settings.
  2. Change your passwords. If you have a Facebook account, be sure to change your password. And, if you’ve used that password on any other website or as part of any credentials elsewhere, change it there too.
  3. Be cautious about what you post. If you’re an active social media user, be careful about not oversharing personal or financial information. Once it’s exposed it can lead to identity crimes and fraud.

Continue following Fighting Identity Crimes to get the latest breach and scam updates, ID protection news & tips from our industry experts!

Follow us on social!
Facebook | Twitter | LinkedIn 


The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

John is General Counsel and Chief Privacy Officer of Sontiq, the parent company of the EZShield and IdentityForce brands. He is a Certified Compliance...
Read more about John Burcham.

Leave a Comment.