Facebook is facing yet another scandal after it’s been confirmed that it’s investigating another illegal data exploitation. If you have used “Login With Facebook” on sites, there is a chance your data has been stolen. Third-party JavaScript trackers are able to tack a user’s data including name, email address, age range, gender, location, and profile photo. At this time, it is not known what the trackers are doing with this information but it is possible they are selling the data to others.
The exploited scripts have been found in 434 of the top one million websites in the world.
Some of these sites include cloud database provider MongoDB, concert site BandsInTown, and freelancer site Fiverr.com. MongoDB released a statement saying “We were unaware that a third-party technology was using a tracking script that collects parts of Facebook user data. We have identified the source of the script and shut it down.”
After yet another data security flaw, it is proving to be a tumultuous time for Facebook. Just recently, CEO Mark Zuckerberg testified before Congress in response to the Cambridge Analytica scandal. Even after recent changes to better protect user data, it has proven to be ineffective. However, Facebook could have identified and prevented these trackers with better API auditing. While they are stepping up their protection, it seems like there are more holes in the security wall.
This most recent data breach is showing users how easy it is to track and exploit data not only from Facebook but also around the internet. Facebook has not yet released a formal statement beyond “We will look into this and get back to you.”