New crisis of Privacy on Facebook. Just 20 days after the leak of personal information of 530 million of its users was reported in a piracy forum, the social network it has been hit by a new vulnerability. That gap would have exposed millions of emails even when these were set to private.
This Tuesday a researcher explained to Facebook that he had found a security flaw that allowed him, using a tool, to link accounts to five million email addresses per second. The tech giant He responded by assuring that this gap was not “important” enough, which led the investigator to report the case, on condition of anonymity, to the ‘Ars Technica’ portal. “I have spent ten dollars to buy about 200 Facebook accounts and in three minutes I have managed to expose 6,000 email accounts,” he said. The researcher also pointed out that the security flaw detected now is similar to the one suffered by the company at the beginning of the year.
In a statement, Facebook has assured that it is “taking initial measures to mitigate this problem.” “It appears that we mistakenly closed this bug bounty report before submitting it to the appropriate team.” The social network has also explained that its engineers believe they have stopped the leak after deactivating the technique with which the researcher had exposed it.
It is unknown if this breach has been exploited by cybercriminals to create a database, as they have done with information stolen on previous occasions. This data can then be sold on hacking portals and used to carry out cyberattacks.