Saturday, January 4, 2025
HomeCyber Security NewsFacebook Gave Users Personal Data Access including Private Messages to Amazon, Apple,...

Facebook Gave Users Personal Data Access including Private Messages to Amazon, Apple, Microsoft, Netflix, etc

Published on

SIEM as a Service

Facebook’s internal document shows that it gave users personal data access to some of the tech gaints including Amazon, Apple, Microsoft, Netflix, Spotify and Yandex.

Data access including users’ private messages and to see the names, contact details and activities of their friends.

A Facebook internal document that obtained by The New York Times which was generated by the companies internal system back to 2017.

- Advertisement - SIEM as a Service

This internal document contains details of tracking partnerships, provide the most complete picture yet of the social network’s data-sharing practices.

This data sharing campaign is to gain the mutual benefits also for Facebook growth and it got more users, lifting its advertising revenue.

Facebook experienced a potential data breach in last September that affected up to 50 million users and also it faced some of other security incidents.

Personal Data that Given to Tech gaints 

  • In this case, Facebook gave permission to Bing search engine to see the Facebook users name virtually all Facebook users’ friends without consent, the records show
  • Facebook gave access to Netflix and Spotify to read Facebook users’ private messages.
  • Amazon can able to access the names and contact information through their friends.
  • Yahoo view streams of friends’ posts as recently

According to the New York times report, the documents, as well as interviews with about 50 former employees of Facebook and its corporate partners, reveal that Facebook allowed certain companies access to data despite those protections. 

More than 150 companies were gain benefits and most of the companies are tech businesses, including online retailers and entertainment sites, but also automakers and media organizations.

Steve Satterfield, Facebook’s director of privacy and public policy, said none of the partnerships violated users’ privacy or the F.T.C. agreement. 

Former Facebook CSO Alex Stamos Tweets to disclose more details about what special access it provided to whom.”

https://twitter.com/alexstamos/status/1075297398342148097

“Facebook has found no evidence of abuse by its partners, a spokeswoman said. Some of the largest partners, including Amazon, Microsoft and Yahoo, said they had used the data appropriately, but declined to discuss the sharing deals in detail. “

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several...

NTT Docomo Hit by DDoS Attack, Services Disrupted for 11 Hours

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive...

Apple Agrees to $95M Settlement Over Siri Privacy Lawsuit

Apple Inc. has agreed to pay $95 million to settle a proposed class-action lawsuit...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several...

NTT Docomo Hit by DDoS Attack, Services Disrupted for 11 Hours

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive...