Newly Discovered Data Leak Exposed Intimate Details of 3 Million Facebook Users

Facebook’s data privacy problems and reputation troubles have been snowballing over the last few months. A report recently released by New Scientist claims that sensitive information of more than three million Facebook users gathered by a quiz-app has been readily available online for the last four years. The news comes months after Facebook’s CEO Mark Zuckerberg was grilled before Congress for letting consultancy firm Cambridge Analytica improperly handle data for political purposes.


Developed by Cambridge University researchers, myPersonality was a Facebook app that allowed users to take psychometric tests and obtain instant results. The app was active between 2007 and 2012 and more than 6 million people participated in the project. All quiz answers were recorded, and roughly half of participants opted in to share the data from their Facebook profiles with the researchers. All of the data gathered by the app was stored in a database making it one of the most extensive social science research databases in history. The data was anonymized and then shared with academics around the world.

The database contained highly sensitive and revealing information of millions of Facebook users and even though the academics at the University of Cambridge never charged for access to the database and wanted to be used only for academic purposes, the login details giving access to the database were easily reachable online. Anyone interested in peeking into the personal lives of millions of Facebook users had to merely search for username and password on GitHub – the largest host of source code in the world.

While the data was anonymized and no names are known to have been exposed every single Facebook profile have been assigned with an ID that has been connected with their age, gender location, status updates, etc. With so much information attached to one ID, finding out the real identity of the person behind the profile would have been an easy task, and it might have been easily automated.

Currently, there isn’t a conclusive answer to the number of people who’ve had access to the database over the years, and for the ways, they might have used it. The report released by New Scientist suggests that Facebook has been aware of the quiz since 2011 but did not act up until last month.

Facebook suspended the app on April 7th. The app is one of 200 other banned apps that might have collected data in the same manner. The official website of myPersonality is currently offline too.

The news comes only days after Mark Zuckerberg confirmed that he will be facing MEPs in Brussels and will be meeting with French President Macron.

Download Panda FREE VPN