- A security breach in Facebook has again raised flames for experts at the company as hidden trackers can easily abuse “login with Facebook” feature.
- It’s lethal as trackers can easily harvest user’s data including gender, age, email address, username, and the profile picture.
- It is another massive security concern for the social networking site after Cambridge Analytica scandal.
- It makes it easy for unscrupulous companies to hijack the platform for harvesting the user data.
Such logins can easily get a user’s personal information from the website that is not only limited to name and gender but also goes beyond to the locale and other personal stuff that users share on their Facebook walls. There is no exact information further on how this data is exploited by trackers. But trackers are sure to sell personalized user’s information to other publishers in order to bring up customized services to respective walls of the users.
Image Source: Techcrunch
“Login with Facebook” is a feature that many of us use while signing in to a new website. With such a sign in, the procedure is simplified and users have the relief that they don’t have to scratch their heads to remember a set of new usernames and respective passwords. And that’s a significant relief.
A Facebook spokesperson brought light to this incident by quoting, “Scraping Facebook user data is in direct violation of our policies. While we are investigating this issue, we have taken immediate action by suspending the ability to link unique user IDs for specific applications to individual Facebook profile pages, and are working to institute additional authentication and rate limiting for Facebook Login profile picture requests.”
The issue was discovered by security researchers, one of whom wrote, "This unintended exposure of Facebook data to third parties is not due to a bug in Facebook's Login feature. Rather, it is due to the lack of security boundaries between the first-party and third-party scripts in today's web."
Meanwhile, in the research, professionals found trackers embedded in 454 sites. These are some of the top sites owing to Alexa traffic rank. The list also includes MongoDB. On this issue, MongoDB clarified to TechCrunch by saying, "We were unaware that a third-party technology was using a tracking script that collects parts of Facebook user data. We have identified the source of the script and shut it down."
The company is investigating the issue, and there is no official information available from the company on the same. However, a discovery of such a security issue has arrived at a critical time for Facebook when the company is still trying to build its image from the scratch after Cambridge Analytica scandal. CEO Mark Zuckerberg has already invested a lot to clean the image of its brand but the new issue seems to bring a whole new drama on board for the company.
Such revelations do nothing good other than causing massive concerns for users. Exploiting user’s data without their consent is nothing but punishable. While Facebook is again on the hot seat and we’ll have to wait to see how it gets out of this massive trauma.
You may also like: