POST Online Media Lite Edition


Chinese Socialarks leaks social profiles of 214 million users

Christian Fernsby |
A cloud configuration error at a Chinese startup exposed the personal data of at least 214 million social media users including celebrities, researchers have warned.

Article continues below


The privacy snafu occurred at social media management firm Socialarks, which suffered a similar incident in August last year when 150 million users were exposed, according to Safety Detectives.

This time, a team led by Anurag Sen came across an Elasticsearch database left completely open without any password protection or encryption, during a routine IP scan.

The 408GB trove contained over 318 million records in total, although the exact number of users affected is still not known given the size of the leak. What the researchers do know is that it was illegally scraped from social media profiles on Facebook, Instagram and LinkedIn, contrary to the policy on those sites.

They discovered nearly 12 million Instagram user profiles, including names, phone numbers, usernames, email addresses, profile pictures and locations.

The trove also contained data on 82 million Facebook profiles including full names, email addresses, phone numbers, Messenger IDs, pictures and more.

Finally, the researchers uncovered 66 million LinkedIn user profiles containing full names, email addresses, job profiles and company names, amongst other data points.

What to read next

Costco to pay $335,000 over Clean Air Act violations
U.S. probes fuel leaks in GM's older Chevy Cobalt and HHR vehicles
How hackers accessed data from 29 million Facebook accounts