Even though Facebook is trying to leave the Cambridge Analytica scandal behind, it seems that the issue will not be forgotten so soon. In fact, just a few months later, we could be faced with a similar case. As the security researcher, Inti De Ceukelaire says, a question-and-answer application would have been filtering the private data of 120 million Facebook users for more than a year.
According to the security researcher, the entertainment application is owned by NameTests.com, and users used it to answer certain questions, such as “What Disney princess are you? Apparently, the Javascript code of the application was able to filter all kinds of personal data, such as our Facebook account ID, first and last name, the language we speak, our gender, date of birth, profile image, cover photo, currency, devices we use, list of friends…
In particular, Inti De Ceukelaire claims that the data collected would have been publicly available since at least the end of 2016, which shows the magnitude of the problem. To check for the security breach, the researcher set up a website where he tried to collect the information collected by NameTest.com’s Javascript code, which he did without too many complications. It also showed that the company responsible for developing the app still had access to our data even if we deleted the application.
After filming the video we left you later, the researcher contacted Facebook, who just rewarded his work with $4000, which was later dubbed when Inti De Ceukelaire donated it to charity. Specifically, the security flaw was reported in April, and everything seems to indicate that NameTests.com fixed it only a few days ago, on June 25th.