Data Firm Exposes 235 Million Social Media Profiles
Leo Daniels • August 20, 2020
This is a subtitle for your new post
A social media data broker has exposed the public-facing profiles of 235 million users via a misconfigured online database, according to researchers.
Comparitech teamed up with Bob Diachenko to uncover three identical copies of the data on August 1, left online with no password or other authentication required to access it.
In total, 192 million profiles were scraped from Instagram, 42 million from TikTok and four million from YouTube.
Each record contained some of the following: profile name, real name, profile pic, account description, age, gender and more.
Around a fifth of profiles also contained either a phone number or email address, according to Comparitech.
Although the personal information contained in this trove was all publicly available, social media companies like Facebook have threatened legal action in the past against automated data scraping firms that subsequently sell their collections to marketers.
Comparitech said that although access to the exposed database was shut down three hours after its first disclosure, it’s unclear how long the information was left online without a password.
The firm warned that, if discovered, the trove could have been used by spammers or to make follow-on phishing attacks more convincing.
The data itself was traced back to Social Data, a firm that apparently sells data on social media influencers to marketers. It was at pains to point out that the exposed information was taken from publicly available profiles, even though their consolidation into a single database makes it a more attractive prospect for cyber-criminals.
Comparitech also claimed
that “evidence” suggests a connection between the data and a now-defunct company known as Deep Social which was removed from Facebook and Instagram marketing APIs in 2018 and threatened with legal action.
Social Data reportedly denied any connection between the two companies, although some of the original datasets were labelled as follows: “accounts-deepsocial-90” and “accounts-deepsocial-91.”
We’re 1-fix, we can help you secure your business
At 1-fix, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
Join Our Mailing List
All sign-ups are handled inline with our privacy policy and can unsubscribe at any time.
Recent Blogs
Cyber Essentials 101: what every business needs to know. Thursday 8th May, 2pm
We’re absolutely delighted to share that our Client Manager, Lee , has been shortlisted for the Hidden Hero Award at the Comms Business Awards – and we couldn’t be prouder!
We've moved! 1-Fix is now based in Bracknell, Berkshire - Your trusted IT support partner in the Thames Valley
As we approach October 2025, the end of life for Windows 10 is just around the corner. For many businesses, this coincides with the start of a new budget cycle in April, making it the perfect time to consider upgrading to Windows 11. In this blog post, we'll explore the benefits of making the switch early and how it can positively impact your business.
Multi-Factor Authentication (also known as 2-Factor authentication, 2FA and MFA) has become a widely adopted seucirty measure to protect business' data. However, it's becoming more apparent just how easy it may be for hackers to get around it.
Data loss can occur due to various reasons, including hardware failures, cyberattacks, natural disasters, and human error. To protect your business from these risks, it's crucial to implement a strong data backup and security strategy.
