Sensitive Data on 3 Million Facebook Users Potentially Exposed by Suspended App

From Facebook to Twitter and now back to Facebook – the past few months have seen some of the most popular social media platforms out there today struggling with securing consumer data. And just today, news broke that a new data breach has potentially exposed 3 million Facebook users’ data via an app called myPersonality. This is all because a username and password granting access to the data were insufficiently secured.

Any avid Facebook user knows that there are apps on the platform that act as fun little quizzes, games, or activities — myPersonality being one of them. myPersonality is a Facebook app/questionnaire that asks people about highly personal matters, as it is actually a psychometric test created by the University of Cambridge. But once users fill out the test, their information does not remain personal, as this data has been shared with almost 150 institutions and companies, including researchers at universities and firms like Facebook, Google, Microsoft, and Yahoo. What’s more, the login information used by these companies for accessing this data was posted publicly to Github, making it available to the public for the past four years.

Mind you, this data was scrubbed of users’ names before being given to the researchers, and these collaborators had to vow they wouldn’t de-anonymize the data before they obtained access to it. Regardless, Facebook has confirmed that it has temporarily suspended myPersonality and is investigating the app. “If myPersonality refuses to cooperate or fails our audit, we will ban it,” said Ime Archibong, Facebook’s Vice President of Product Partnerships. This is following Facebook’s statement earlier this week that it has suspended 200 apps and investigated thousands of others in case they misused people’s data.

So, while Facebook investigates myPersonality, what can users of the social media network do in the interim to ensure they’re secure? Start by following these tips:

  • Be selective about what you share. The best way to control where your information goes is by reducing the sources you share it with. That means not providing your personal information to every app that asks for it. Be strict and diligent, and only provide an app information when it’s crucial to the service or experience it provides.
  • Read the terms and conditions. If you are going to share your information out with an application or website, be sure you read the terms and conditions carefully. Though it may feel tedious, it’s important you know where your information is going and how it is being used.
  • Use comprehensive security. Even though this data was willingly given, it’s important you still lock down all your devices with an extra layer of security to help keep yourself safe. To do just that, use a comprehensive solution such as McAfee Total Protection, in addition to limiting the amount of personal data you post and share.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

Introducing McAfee+

Identity theft protection and privacy for your digital life

FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Privacy & Identity Protection

Back to top