Oops? Qquiz app on Facebook exposes personal data of 120 million users publicly available
A security researcher from Belgium discovered that personal data of more than 120 million Facebook users worldwide was publicly accessible to third parties. The data was collected by a quiz app called Nametests that is developed by the German company Social Sweethearts.
The leak existed for several years and data remained accessible even when the app was uninstalled reports myce. Nametests is a popular quiz app on Facebook which can be used to answer questions like, “what fairy tale woman are you, “what’s the first thing others notice about you” and “how you look like in a drawing”.
Belgian security researcher Inti de Ceukelaire found out that as soon as the app was installed on Facebook, it started to collect all kinds of personal data. This data included birth date, full name, city of residence, photos, friends and messages. De Ceukelaire found that once the app retrieved the data it could be accessed by any third-party that requested it. The data was available because it was retrieved in an unsecure way and anyone with some technical knowhow could therefore access it.
Although the leak potentially allowed cybercriminals to obtain data of millions of users, De Ceukelaire states he doesn’t know whether the leak has been abused. Both Facebook and Social Sweethearts have stated that they worked on fixing the leak together and that there are no indications that the data has been stolen and abused.
De Ceukelaire received a bounty of $4,000 which Facebook doubled because De Ceukelaire donated the bounty to the non-profit organization Freedom of the Press Foundation.
Senior Member
Posts: 6073
Joined: 2011-01-02
facebookers got "facebooked".
Junior Member
Posts: 19
Joined: 2018-05-28
Well that is the prize of using facebook for that long. Congratulations Prince Zuckerbgerg is giving you the benefits without asking.
Senior Member
Posts: 11809
Joined: 2012-07-20
I wonder if I did receive email from Facebook according to GDPR leak rules. Oh w8, I do not click weird apps or any apps there. Oh w8, my fiends do. (My friends lost an 'R' by using those apps.)
But w8, I do not have any real personal information on facebook. But w8, my fake information could have been leaked.
I so do not know what to do now.
But I am sorry for people who live on social media.
Senior Member
Posts: 586
Joined: 2015-05-03
Not surprising. I mean people freely have their personal information entered on the site but they also have no clue how to set their privacy settings so this does not happen.
Senior Member
Posts: 13307
Joined: 2014-07-21
Oh, another app that did a "facebook" (exposing personal data without consent, and yes I'll coin that term for me now).