Three million user accounts have reportedly been compromised in a new Facebook data leak incident.
An article released by the NewScientist Monday revealed that a new Facebook data leak left millions of user’s information exposed online for anyone to access. The users of said accounts allegedly used a popular personality app which includes answering questionnaires.
Researchers from the University of Cambridge distributed the data gathered by the Facebook personality app myPersonality to hundreds of other researchers through a website without enough security provisions. The incident has left the data highly accessible for about four years.
The compromised data was said to be highly sensitive and reveals personal information of Facebook users like the results of their psychological tests. The data was supposed to be stored and shared anonymously, but the apparent negligence of the researchers only deanonymized those who used the application.
Read More: The Data Leak is Normal Now
“This type of data is very powerful and there is real potential for misuse,” Chris Sumner of the UK-based data watchdog, the Online Privacy Foundation, said.
Those who gained access to the data would have been able to view about three million users’ app scores that shows the personal characteristics of the participating individual. This may include agreeableness, conscientiousness, and neuroticism.
Aside from the data set, the application was also able to collect information from around 22 million status updates from more than 150,000 users. The data allegedly includes information like age, gender, and relationship status of 4.3 million people.
“For the last four years, a working username and password has been available online that could be found from a single web search. Anyone who wanted access to the data set could have found the key to download it in less than a minute,” the investigators said.
Facebook already suspended myPersonality from the social networking site last month, saying the application is already under investigation for potentially violating their policies.