Facebook and Twitter say the personal data of hundreds of users may have been improperly accessed after they used their accounts to log into certain Android apps downloaded from the Google Play store
- Hundreds of Android users who accessed two popular apps via Facebook or Twitter have had their personal data improperly accessed
- The breach has reportedly affected those who accessed the Giant Square and Photofy apps
- It’s not believed that iOS users who accessed those apps via social media have been impacted
- Facebook says they have ‘removed the apps from our platform for violating our platform policies’
- They plan to notify users who have been affected
Facebook and Twitter have confirmed that the personal data of hundreds of their users may have been ‘improperly accessed’ by third-party apps.
CNBC reports that the social media giants were alerted to the news by security researchers who discovered that two software development kits had given some app developers access to user data, including email addresses and usernames.
The security breach has reportedly affected Android users who accessed the Giant Square and Photofy apps via their social media accounts.
There are no reports that i0S users have been impacted.
Disturbingly, the breach means that those affected may now have their accounts taken over by strangers – but there has been no confirmation that this has yet occurred.
In a statement released Monday, Facebook revealed: ‘Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.’
Facebook and Twitter have confirmed that the personal data of hundreds of their users may have been ‘improperly accessed’ by third-party apps purchased by Android users through the Google Play store
‘After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn.
The company further stated that they ‘plan to notify people whose information they believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender’.
Facebook added: ‘We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts’.
Meanwhile, Twitter told CNBC: ‘We think it’s important for people to be aware that this exists out there and that they review the apps that they use to connect to their accounts’.
CNBC reports that those who accessed the Giant Square and Photofy apps on their Android devices via their social media accounts are among those impacted
The drama comes after Facebook has hit headlines for controversially deciding not to fact check political ads.
The social network was recently admonished after it emerged a number of Russian hackers bought ads on the site pretending to be legitimate groups or businesses before the 2016 US presidential election in order to influence the vote.
CEO Mark Zuckerberg has complained that it should not be down to him to draw the lines on how to police political advertising.
Alternatively, Twitter last month revealed it has decided to ban political ads.
“A political message earns reach when people decide to follow an account or retweet,” CEO Jack Dorsey from his Twitter account.
“Paying for reach removes that decision, forcing highly optimized and targeted political messages on people. We believe this decision should not be compromised by money.”
Mark Zuckerberg (pictured October 25) has come under fire for his decision not to fact check political ads shared to Facebook