Suspended Facebook App Left 3M Users’ Data Unsecured


Facebook announced that it has suspended 200 apps as part of its ongoing investigation into third parties and the way they handle user data.

The investigation is in response to the Cambridge Analytica scandal, where 87 million Facebook users had their data improperly shared with the controversial research firm.

“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible,” the company wrote in a press release. “To date, thousands of apps have been investigated and around 200 have been suspended — pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015 — just as we did for Cambridge Analytica.”

British magazine New Scientist reported that myPersonality was suspended on April 7, with Facebook saying the app may have violated its policies because of the language used in the app and on its website to describe how data is shared.

In addition, the app may have exposed the data of 3 million Facebook users. More than 6 million users participated in myPersonality, a psychometric test created by University of Cambridge researcher David Stillwell in 2007.

The app was active until 2012, and more than 280 people who were “collaborators” with the project had access to the data collected by myPersonality. New Scientist also reports that a password and username granting access to the data had been publicly available for the past four years.

A statement attributed to Facebook VP of partnerships Ime Archibong read: “[W]e are currently investigating the app, and if myPersonality refuses to cooperate or fails our audit, we will ban it.”

For its part, the University of Cambridge told New Scientist that the app was created by Stillwell before he joined the University, and “did not go through our ethical approval process.”

In a statement to VentureBeat, Stillwell said that “this is clearly a breach of the terms that academics agree to when requesting a collaboration with myPersonality. Once we learned of this, we took immediate steps to stop access to the account and to stop further data sharing. In nine years of academic collaborations, this is the only such instance where something like this has occurred.”


Latest Insights:

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. The September 2019 AML/KYC Tracker Report provides an in-depth examination of current efforts to stop money laundering, fight fraud and improve customer identity authentication in the financial services space.


To Top