Linking to a third party access; these trackers can get access to users’ emails, usernames, locations, photos and other private data.
According to TechCrunch, these trackers have been found in 434 out of top 1 million websites including MongoDB. Facebook has investigated the matter; a spokesperson said,
“Scraping Facebook user data is indirect violation of our policies. While we are investigating this issue, we have taken immediate action by spending the ability to link unique use IDs for specific applications to individual Facebook profile pages, and are working to institute additional authentication and rate limiting for Facebook Login profile picture requests.”
Facebook Is Innocent
Whenever someone uses another website to login Facebook by using “Login With Facebook”, then during this process the scripts can jam account data and store it for their wanted usage.
Currently, Facebook is recovering from the Cambridge Analytical case and everyday new data breach problems are popping out. The company had many gaps in its privacy protection policies which had allowed third parties to access public data.
Though the social media hulk did improve its security modules but many other abuses – like JavaScrpit jammer – keep coming out in front to create hassle among users.
Due to weak security boundaries between first-party and third-party scripts, this bug is certainly not the Facebook’s flaw. According to experts, the only way Facebook can recover this error is by schedule auditing who is accessing user data.