UPDATED 21:19 EST / APRIL 18 2018

CLOUD

48M social media records exposed in latest cloud storage mishap

Seattle data gathering firm LocalBlox Inc. is the latest company to expose data via a misconfigured Amazon Web Services Inc. S3 storage instance — a lot of data. In this case, in involved 48 million records relating to social media information.

Discovered by Chris Vickery at UpGuard Inc., as all good S3 data exposures are, the data related to tens of millions of people that LocalBlox had gathered from social media platforms, including physical addresses, dates of birth, “scraped” data from LinkedIn and Facebook, Twitter handles and more.

As Vickery explained in a blog post, the data builds a “three-dimensional picture of every individual affected — who they are, what they talk about, what they like, even what they do for a living — in essence a blueprint from which to create targeted persuasive content, like advertising or political campaigning.”

The data gathering itself isn’t greatly surprising, since LocalBlox has stated clearly that its service provides automatic crawling, discovery, extraction, indexing, mapping and augmenting of data “in a variety of formats from the web and from exchange networks.” The difference, of course, is that although it would usually sell access to the data, this time it exposed it to all and sundry for free on an S3 instance.

Instead of admitting it made a mistake, LocalBlox instead accused Vickery of hacking the company. Chief Executive Officer Ashfaq Rahman told ZDNet that “most” of the data was fabricated for internal tests but did not say how much. Still, the company changed the setting on the file from public to private within hours of being made aware that it was publicly exposed.

Given that the data itself is based on publicly available information, arguably it’s less concerning than a data exposure that exposes private information such as passport and ID card scans, as was the case with Thai telco True Corp. late last week. Still, with the drama of the so-called Cambridge Analytica data scandal involving Facebook still making headlines, the incident once again raises concerns about data scraping practices.

“Data gathered on these people connected their identity and online behaviors and activity, all in the context of targeted marketing, i.e. how best to persuade them,” Vickery noted. “It is exactly this persuasive factor that lies at the heart of discussions about how data is gathered and sold: when aggregated together at scale, your psychographic data can be used to influence you. It is what makes exposures of this nature so dangerous.”

Image: frauhoelle/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU