Friday, April 4, 2025
HomeCyber Security NewsFacebook Gave Users Personal Data Access including Private Messages to Amazon, Apple,...

Facebook Gave Users Personal Data Access including Private Messages to Amazon, Apple, Microsoft, Netflix, etc

Published on

SIEM as a Service

Follow Us on Google News

Facebook’s internal document shows that it gave users personal data access to some of the tech gaints including Amazon, Apple, Microsoft, Netflix, Spotify and Yandex.

Data access including users’ private messages and to see the names, contact details and activities of their friends.

A Facebook internal document that obtained by The New York Times which was generated by the companies internal system back to 2017.

This internal document contains details of tracking partnerships, provide the most complete picture yet of the social network’s data-sharing practices.

This data sharing campaign is to gain the mutual benefits also for Facebook growth and it got more users, lifting its advertising revenue.

Facebook experienced a potential data breach in last September that affected up to 50 million users and also it faced some of other security incidents.

Personal Data that Given to Tech gaints 

  • In this case, Facebook gave permission to Bing search engine to see the Facebook users name virtually all Facebook users’ friends without consent, the records show
  • Facebook gave access to Netflix and Spotify to read Facebook users’ private messages.
  • Amazon can able to access the names and contact information through their friends.
  • Yahoo view streams of friends’ posts as recently

According to the New York times report, the documents, as well as interviews with about 50 former employees of Facebook and its corporate partners, reveal that Facebook allowed certain companies access to data despite those protections. 

More than 150 companies were gain benefits and most of the companies are tech businesses, including online retailers and entertainment sites, but also automakers and media organizations.

Steve Satterfield, Facebook’s director of privacy and public policy, said none of the partnerships violated users’ privacy or the F.T.C. agreement. 

Former Facebook CSO Alex Stamos Tweets to disclose more details about what special access it provided to whom.”

https://twitter.com/alexstamos/status/1075297398342148097

“Facebook has found no evidence of abuse by its partners, a spokeswoman said. Some of the largest partners, including Amazon, Microsoft and Yahoo, said they had used the data appropriately, but declined to discuss the sharing deals in detail. “

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Ex-ASML Russian Employee Smuggled Trade Secrets to Moscow via USB

A former employee of Dutch semiconductor firm ASML, identified as German A. (43), stands...

Critical Apache Parquet Vulnerability Allows Remote Code Execution

A severe vulnerability has been identified in the Apache Parquet Java library, specifically within...

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software...

Australian Pension Funds Hacked: Members Face Financial Losses

Several of Australia’s largest superannuation funds have been targeted in a coordinated cyberattack, leading...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Ex-ASML Russian Employee Smuggled Trade Secrets to Moscow via USB

A former employee of Dutch semiconductor firm ASML, identified as German A. (43), stands...

Critical Apache Parquet Vulnerability Allows Remote Code Execution

A severe vulnerability has been identified in the Apache Parquet Java library, specifically within...

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software...