April 10, 2018
Cambridge Analytica may have had access to private Facebook Messenger messages
Roughly 1,500 users gave access to their messages
By Chaim Gartenberg@cgartenberg Apr 10, 2018, 1:19pm EDT
Facebook has started to help users figure out whether or not they’ve been affected by the Cambridge Analytica scandal, and detailed in the company’s notification is the fact that Facebook users may have also had their private messages leaked to Cambridge Analytica.
As pointed out by researcher Jonathan Albright, the vulnerability dates back to the first version of Facebook’s Graph API, which allowed apps to request massive amounts of users’ friends info with a single prompt. Once permission was granted, apps — like Cambridge Analytica — could continue to pull data for years until either the app was deleted or when Facebook finally killed the 1.0 version of the Graph API for a more limited 2.0 version in 2015.
Included in the data that those early Graph API apps could pull was the ability to read users’ private Facebook messages through a “read_mailbox” API request.
Facebook confirmed to Wired that a relatively small number of Facebook users gave access to Messenger — only 1,500 people gave the “This Is Your Digital Life” app permission to access the data, but anyone who messaged or received messages from those 1,500 people could also potentially be impacted.
Update April 10, 2:55pm: Cambridge Analytica has denied that it had access to private message data.
Cambridge Analytica
✔
@CamAnalytica
GSR did not share the content of any private messages with Cambridge Analytica or SCL Elections. Neither company has ever handled such data.
4:03 AM - Apr 11, 2018
Subscribe to:
Post Comments (Atom)
https://www.theverge.com/2018/4/10/17219606/cambridge-analytica-private-facebook-messenger-messages?source=Snapzu
ReplyDelete