It would be easy to confuse recent news that data belonging to 3 million Facebook users was exposed online with the Cambridge Analytica debacle that involved 87 million users. Both stories have their origin stories among researchers at Cambridge University.
This compromise was unearthed by investigative reporters at New Scientist who found that the data from millions of Facebook users who had used a popular personality app developed by researchers from Cambridge University had been exposed. The compromise included user answers to intimate questionnaires.
So how did the hackers get in? It wasn’t hard: the data was left exposed online for anyone who had a scintilla of curiosity and basic computer skills such as opening a web browser and typing search terms.
Technically, you had to be on the team to get a look at these data sets, which included the results of probing psychological test, and there were 280 people from 150 institutions who were credentialed to look at the data, which included granular information about individuals who had completed psychological tests online.
New Scientist found that, “for those who were not entitled to access the data set because they didn’t have a permanent academic contract, for example, there was an easy workaround.”
A working username and password was available online, and an intuitive web search yielded it right away.
There is for sure some consumer fatigue here—another story about serious depredations in the realm of privacy. And that’s about right, but it’s no less outrageous.
Read the whole story here.