This cloud storage giant was accidentally sharing a bunch of data with Facebook
Misconfigured tracking code led to metadata being shared with Facebook
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Thecloud storageandcloud backupproviderBackblazehas removed Facebook tracking code (also known as an advertising pixel) from its service after it was accidentally added to web UI pages following a recent advertising campaign.
In aprivacy updateon its site, senior director of marketing at the company Yev Pusin provided further insight on what happened, saying:
“We useGoogleTag Manager to help deploy key third-party code in a streamlined fashion. The Google Tag Manager implementation includes a Facebook trigger. On March 8, 2021 at 12:39 p.m. Pacific time, a new Facebook campaign was created that started firing a Facebook advertising pixel, intended to only run on marketing web pages. However, it was inadvertently configured to run on signed-in pages.”
Backblaze was first informed of the issue when a userreached outto the company on Twitter to inform them that pages on the B2 web UI were sending file names and sizes to Facebook.
Facebook tracking code
Normally Facebook’sadvertising pixelis only used on marketing pages but in this case, the company’s campaign was accidentally configured to run on other Backblaze pages including its web UI pages which can only be accessed by users that are logged in.
After investigating the issue further though, Backblaze found that the third-party tracking code was only deployed on its b2_browse-files2.htm web UI page that allows users to browse theirB2 Cloud Storagefiles. The company also discovered that 9,245 users had visited the page between March 8 and 21 while the Facebook campaign was active.
During the campaign, the third-party tracking code collected loads of file and foldermetadataincluding file names, sizes and dates which was then uploaded to Facebook’s servers. Thankfully though, this only happened to customers who clicked to preview file information while browsing through the files saved in their B2 Cloud Storage.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Backblaze plans to inform customers affected by the issue and going forward, the company will be carefully reviewing applicable third-party code on its website.
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
iStorage Group acquires Kanguru Solutions as it looks to expand security offering
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’
