Adding to the woes of privacy advocates and users, Facebook has admitted that it provided companies with special access to user data even after it had restricted it in 2015. The company continued to share the data with 61 technology companies including AOL, United Parcel Service, and dating app Hinge, Cnet reported.
Facebook said it granted a special one-time six-month extension to these companies. It also admitted that there were five other companies which could have accessed limited friends' data.
After reports surfaced online revealing Aleksandr Kogan’s ‘thisisyourdigitallife’ app exploiting Facebook to harvest user data, another researcher discovered an app which left the data of 120 million users exposed to anyone who tried it out.
A third-party app called NameTests provided information those who requested it with an access token that would allow continued access to a user's posts, photos and friends data for up to two months.
The breach was discovered by security researcher Inti De Ceukelaire as part of Facebook's Data Abuse Bounty program.
Ceukelaire also discovered that his personal information, along with that of every other person who had taken the quiz, was being held in a JaveScript file that could easily be requested by any website that knew to ask, points out Medium.
In April, a Facebook India spokesperson told The Print stated that a quiz app named ‘thisisyourdigitallife’ was installed by 335 Facebook users living in India between November 2013 and December 2015.
This app reportedly poached data of these users, and data of their friends and friends, which resulted in scrapping data of almost 5,62,120 users in India. Facebook eventually suspended the app from its platform in December 2015.
Facebook did not unveil the names of the 335 users in India. The report also pointed out that this app was pushed on to Facebook by a company called Global Science Research, run by Dr Aleksandr Kogan, a psychology researcher at the University of Cambridge.