According to an article by ThreatPost, this leak now stems from a certain misconfiguration ElasticSearch database that is owned by the Chinese social-media management company known as SocialArks.
Over 400GB Of 214 Million Social Media Users Have Been Exposed By ‘Misconfiguration’ rom Chinese Company SocialArks : Over 400GB of a mixed private and public profile data coming from 214 million Facebook, Instagram, LinkedIn, and Other social media users coming from all around the world has recently been exposed to the internet. This includes certain details for even social-media influencers and celebrities coming from the United States and other places.
Social media user data leaked
According to an article by ThreatPost, this leak now stems from a certain misconfiguration ElasticSearch database that is owned by the Chinese social-media management company known as SocialArks, which was said to contain personally identifiable information or PII coming from Facebook, LinkedIn, Instagram, and other platforms according to the researchers over at Safety Detectives.
The server was actually found to be exposed publicly even without password protection or a simple encryption during the seemed routine IP-address checks made on potentially unsecured databases according to the researchers. This contained over a total of 318 million records.
Chinese company hosted by Tencent
SocialArks’ own data-management platform is specifically used for programmatic advertising as well as marketing. It also bills itself as a particular cross-border social-media management company that is dedicated towards solving certain current problems of the brand building, marketing, and social customer management in China’s foreign trade industry.
The particularly affected server was said to be hosted by Tencent and was segmented into certain indices in order to be able to store the data that was obtained coming from each of the social-media sources. This allowed researchers to look straight into the data much further.
Millions of user data leaked
A blog post by Safety Detectives noted that their research team was able to determine the measurement as to the leaked data that was “scraped” from certain social-media platforms. It was then also stated to be both unethical as well as a violation of Facebook’s, LinkedIn’s, and also Instagram’s terms of service.
The total scraped profilers were said to include around 11,651,162 Instagram profiles, 66,117,839 LinkedIn profiles, and even 81,551,567 Facebook profiles. There were also 55,300,000 Facebook profiles coming from those that were deleted within only a few hours after the previous open server was first discovered.
These public profile data included some profile pictures, biographies, location setting, follower totals, contact details like emails and phone numbers, follower numbers, frequently used hashtags, number of comments, company names, and even employment position and a lot more.
Is social media safe?
Jack Mannimo, the CEO at nVisium gave a statement to ThreatPost saying social media data scraped from the marketing purposes will inevitably also include a number of sensitive information.
It was also said that for every particular privacy-conscious person through the use of social media. It was also said that there is now an exponentially greater number of those people all publicly sharing certain intimate details about their own private lives.
It was then said that in order for people to protect themselves, they should restrict the public access towards their profile and their social media assets.
They then said that people should be sensible regarding what they post online and that they should be careful regarding what permission they grant to certain applications that might just abuse, misuse, or even steal user information.
Originally published at Tech times