Illustration: Rebecca Zisser/Axios

Facebook today revealed a “security issue” in which a code flaw could have allowed hackers to take over upwards of 50 million user accounts.

“We face constant attacks from people who want to take over accounts or steal information…We need to do more to prevent this from happening in the first place."
— Facebook CEO Mark Zuckerberg, during a call with reporters.

The big picture: This is just the latest in a long string of recent problems for Facebook, including executive defections, social media interference, privacy concerns, and accusations of anti-conservative bias.

"The original investigation started when we saw a pattern of increased usage to the site and when we dug into that we found this was an attack exploiting that vulnerability."
— Guy Rosen, Facebook's vice president of product management

Why it matters: Facebook's headache is no longer about a third party brokering user data — this is about Facebook's code having a flaw that allows hackers to access personal information in user accounts. And there is nothing users can do about it from a security standpoint but let Facebook roll out an update.

The code vulnerability is related to the “view as” feature on profiles, where users can view their profiles through the eyes of someone else.

  • Facebook says the hack was produced by the interaction of three "bugs" introduced when Facebook updated the video upload feature in July, 2017.

The company does not yet know if information has been misused or accessed, which is something CEO Mark Zuckerberg reiterated during a media call.

  • Passwords were apparently not accessed. Neither was any credit card information.
  • Facebook says it has fixed the code vulnerability, and the "view as" feature is temporarily turned off.
  • The company says it is working with the FBI. It also alerted law enforcement in Europe, per new privacy rules there called GDPR, and the Department of Homeland Security.

Facebook says it first learned of the vulnerability this past Tuesday. On Wednesday it alerted authorities and on Thursday fixed the vulnerability and began resetting access codes.

Go deeper: Everyone unfriends Facebook

Correction: This story has been updated to specify the year of the hack and correct that the bug was in the video upload feature's code.

Go deeper

Updated 59 mins ago - Politics & Policy

Supreme Court clears way for first federal execution since 2003

Lethal injection facility in San Quentin, California. Photo: California Department of Corrections and Rehabilitation via Getty Images

The Supreme Court ruled early Tuesday that federal executions can resume, reversing a lower court decision and paving the way for the first lethal injection since 2003 to take place at a federal prison in Indiana, AP reports.

The big picture: A lower court had delayed the execution, saying inmates had provided evidence the government's plan to carry out executions using lethal injections "poses an unconstitutionally significant risk of serious pain."

2 hours ago - Health

More Republicans say they're wearing masks

Data: Axios/Ipsos poll; Chart: Andrew Witherspoon/Axios

Nearly two-thirds of Americans — and a noticeably increasing number of Republicans — say they’re wearing a face mask whenever they leave the house, according to the latest installment of the Axios-Ipsos Coronavirus Index.

Why it matters: A weakening partisan divide over masks, and a broad-based increase in the number of people wearing them, would be a welcome development as most of the country tries to beat back a rapidly growing outbreak.

Buildings are getting tested for coronavirus, too

Illustration: Eniola Odetunde/Axios

Testing buildings — not just people — could be an important way to stop the spread of the coronavirus.

Why it matters: People won't feel safe returning to schools, offices, bars and restaurants unless they can be assured they won't be infected by coronavirus particles lingering in the air — or being pumped through the buildings' air ducts. One day, even office furniture lined with plants could be used to clean air in cubicles.