Backblaze, a cloud storage service provider, has accidentally added Facebook’s ad tracking code to its B2 Web UI, where only its users can browse through. This led to the files’ metadata like their names, sizes, and dates of modifications to be sent to Facebook servers for almost two weeks. After realizing the issue, Backblaze removed the code.

Files Metadata Shared With Facebook

BackBlazeBackblaze is a popular and one of the cheapest cloud storage services for businesses, where they can store an unlimited amount of data to their cloud servers for a fixed price. Earlier this week, few Backblaze users complained that their file metadata was being shared with Facebook.

While these complaints among users started to grow, Backblaze explained the incident. It said that Facebook’s ad tracking code (advertising pixel) was inadvertently applied to its B2 Web UI platform, which was used for users to check their files stored in the Backblaze’s cloud storage.

Backblaze used Facebook’s ad tracking code; it was meant to be embedded in the marketing pages only and would track users’ interaction data for targeted advertising. But it was accidentally applied to b2_browse_files2.htm of B2 Web UI, which is thus sending the metadata of files to Facebook.

Those users who’ve previewed their files in B2 Web UI had those files metadata like file names, sizes, and dates of modifications being sent to Facebook servers. After realizing this practice through complaints, Backblaze removed the tracking code from the concerned page.

It said that about 9,162 users had used the B2 Web UI throughout the unintended campaign, which ran between March 8th to March 21. Assuring that no account data or the content of the files was shared, Backblaze affirmed that it “did not intentionally share this data with Facebook, nor did Backblaze receive any form of compensation for it.“