Weeks after the Cambridge Analytica scandal rocked the world, another Facebook app has been found leaving user data unsecured. Popular quizzing app NameTests has been found to have exposed the personal data of about 120 million users.
As reported by security researcher Inti De Ceukelaire in a Medium post, the NameTests quizzes are created by a German app maker Social Sweethearts, known for quizzes like ‘Which Disney Princess Are You?’ or ‘What Age Do You Look’ that are insanely popular on Facebook. If you or anyone you know has answered one of these eye-grabbing quizzes then your data may have been exposed.
Ceukelaire contacted Facebook in April and spoke to them multiple times and Facebook’s Data Abuse Program is supposedly actively working to address such complaints. NameTests just recently fixed the issue and the security researcher was awarded $4000 bug bounty by Facebook, which was doubled when he donated it to charity, for discovering the loophole.
In addition, in a statement to TechCrunch, Social Sweethearts’ data protection officer has denied any misuse of the exposed data. The app maker also issued an official statement, which says,
“Our investigation found that there was no evidence that personal data of users was disclosed to unauthorized third parties and all the more that there was no evidence that it had been misused. Nevertheless, data security is taken very seriously at Social Sweethearts and measures are currently being taken to avoid risks in the future.”
Facebook is currently under scrutiny from all sides – be it the Congress or EU and it needs to make the users feel safe, instead of thinking of new data leaks every other day. We just get the feeling there are a lot more apps and quizzes which have done this over the years and NameTests is just one of them.
The question facing many users is what to do if you have ever answered one of these quizzes, and the app is no longer on Facebook. In that case, you are out of luck, especially if you want to use Facebook for any amount of time.