Security News > 2021 > January > Millions of Social Profiles Leaked by Chinese Data-Scrapers

The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further.

"Our research team was able to determine that the entirety of the leaked data was 'scraped' from social-media platforms, which is both unethical and a violation of Facebook's, Instagram's and LinkedIn's terms of service," researchers said, in a Monday blog post.

In addition to the collating of publicly available data, the database also included, inexplicably, private data for social-media users.

"How SocialArks could possibly have access to such data in the first place remains unknownIt remains unclear how the company managed to obtain private data from multiple secure sourcesMoreover, the company's server had insufficient security and was left completely unsecured."

The information exposed also consisted of scraped, publicly available data such as full names, country of residence, place of work, position, subscriber data and contact information, as well as direct links to profiles.

"However, even if such data is obtained legally - if it is stored without adequate cybersecurity, large leaks affecting millions of people can occur. When private information including phone numbers, email addresses and birth information is extracted and/or leaked, criminals are empowered to commit heinous acts including identity theft and financial fraud."

News URL

https://threatpost.com/social-profiles-leaked-chinese-data-scrapers/162936/