Advertisement

News

This Chrome extension was spying on your private Facebook groups

This Chrome extension was spying on your private Facebook groups
Daniel Caceres

Daniel Caceres

  • Updated:

A Chrome extension called Grouply.io has been discovered allowing third parties to get data from private Facebook groups.

The discoverer of this security breach was Andrea Downing, a moderator of a Facebook group that brings together women with BRCA, a gene associated with breast cancer. Downing explains that the theoretical privacy of a Facebook group lets women share their problems, stories and build strong relationships. For example, members posted images of their surgical procedures and experiences and advice about staying healthy.

Downing started to worry whether the group was safe from prying eyes after recent Facebook scandals. She checked it out and discovered that this Chrome extension Grouply.io, now defunct, had allowed downloads of names, jobs, places, emails and other personal data from anybody in a private Facebook group.

Downing contacted an expert in health data monitoring, Fred Trotter, to investigate the case. Trotter found out that closed (private) Facebook groups had a serious security breach.

Downing got in touch with Facebook. But neither she nor Trotter have been satisfied with the social network’s statements.

The good news is that since June 29, it’s no longer possible to get data from private groups. What a coincidence, just a month after Downing made her discovery and informed Facebook about it.

The bad news is that before then, there’s a chance that third parties had access to our data through private Facebook groups. In the case of this group of women, a health insurer could have used this extension to create their own database.

Daniel Caceres

Daniel Caceres

{ "de-DE": "", "en-US": "I learned how to read thanks to Monkey Island Insult Sword Fightning. I love to write fiction, meditate, and spy on strangers on bars and restaurants. I have an unfinished games backlog. I practice NPL and Impro-theater.", "es-ES": "Aprendí a leer gracias a los duelos de insultos de Monkey Island. Adoro escribir ficción, meditar, espiar a desconocidos en bares o restaurantes, dejar juegos sin acabar... Práctico PNL (cuando quieras te hago unos anclajes reshulones) y me estoy formando como actor de impro-teatro.", "fr-FR": "", "it-IT": "", "ja-JP": "", "nl-NL": "", "pl-PL": "", "pt-BR": "", "social": { "email": "daniel.caceres@softonic.com", "facebook": "", "twitter": "https://twitter.com/lorddevries", "linkedin": "", } }

Latest from Daniel Caceres

Editorial Guidelines