advertisement
According to a recent TechCrunch report, a quiz app has been found misusing data of 120 million Facebook users after an ethical hacker found information on the abuse by Nametests.com that develops quizzes, games and apps for Facebook.
The hacker explained that he found out about the leak when he went hunting for data misuse after Facebook announced the data abuse bounty on 10 April, reported TechCrunch.
The quiz app comes under the German company Social Sweethearts that makes quizzes like "Which Disney Character Are You?”
The hacker, Inti De Ceukelaire had informed Facebook about the data leak in April through their own bounty program but still found the app live till about a month later. It took yet another month extra for the vulnerability to be fixed.
Finding that the quizzes were one of the most popular apps among Facebook users, the hacker took a quiz from one nametests.com and found out that the company was handing out data to any third party that requested it.
Nametests was displaying the user's data in a javascript file, potentially exposing the data on Facebook users to any website they happened to visit.
In their statement to TechCrunch, Social Sweethearts denied any misuse of data:
Facebook, on the other hand said that they have taken care of the matter.
This incident comes after Facebook started conducting audits and bounty programs to hunt down defaulters when it comes to data privacy, after the whole Cambridge Analytica scandal. It has already suspended 200 apps as a result of the audit announced on 21 March. However, their dreary response to this data breach gives us serious doubts if the data security programs are anything but positive PR.
(With inputs from TechCrunch)
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)