Facebook and Twitter say many users gave improper access to personal data through third-party apps

Listen to this article

Facebook and Twitter recently announced that personal data of hundreds of users may have been improperly accessed after they used their accounts to log into certain Android apps downloaded from the Google Play store.

The companies received a report from security researchers who discovered that a software development kit named One Audience gave third-party developers access to personal data.

This includes the email addresses, usernames and most recent tweets of people who used their Twitter accounts to access apps including Giant Square and Photofy.

The company also said that it may have been possible for a person to take control of someone else’s Twitter account through this vulnerability, though there is no evidence that this occurred.

“We think it’s important for people to be aware that this exists out there and that they review the apps that they use to connect to their accounts,” said Lindsay McCallum, a Twitter spokeswoman.

Twitter said it will be informing users who were affected. The company said it has also informed Google and Apple about the vulnerability so that they can take further action.

The warning comes as Facebook, Google and Twitter are all facing heightened scrutiny from regulators, lawmakers and users for the ways that personal data is used by outside developers to track and target consumers.

The issue has been of particular concern since March 2018, when reports surfaced that analytics firm Cambridge Analytica improperly accessed up to 87 million Facebook profiles, in part to target ads for Donald Trump in the 2016 presidential election. Facebook later suspended tens of thousands of apps after investigating its ecosystem.

A Facebook spokesperson sent the following statement regarding Monday’s disclosure:

“Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.

“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn.

“We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”

Mobiburn posted a statement addressing the vulnerability on Monday, saying it does not collect, share or monetize data from Facebook.

“Mobiburn only facilitates the process by introducing mobile application developers to the data monetization companies,” Mobiburn said. “This notwithstanding, Mobiburn stopped all its activities until our investigation on third parties is finalized.”

source: http://www.cnbc.com


MARKETING Magazine is not responsible for the content of external sites.

The APPIES is an annual event that presents a rare opportunity for creative, media, digital and marketing agencies or brands to present their best campaigns to the industry. 
This is the only event where Live Presentations meets Live Judging. 
Similar to TED Talks, The APPIES is the chance for great presenters with outstanding work to show it off to some of the industry’s most important industry leaders.
This year’s winners will receive Gold, Silver or Bronze trophies for 10 categories, and 7 special Best of Best categories (red trophies) that require no submissions!
Campaign entries must have run between June 2022 to May 2023

For more details visit https://appies.com.my/ or contact Vishnu




Subscribe to our Telegram channel for the latest updates in the marketing and advertising scene