Oct 2, 2018

Facebook says "no evidence" outside apps were accessed after hack

A sign outside Facebook headquarters. Photo: Justin Sullivan/Getty Images

Facebook said Tuesday night that an investigation had unearthed "no evidence" that stolen keys to 50 million accounts were used to access third-party applications that let users log in with their Facebook credentials.

Why it matters: 50 million Facebook accounts is already a significant breach, but if Facebook's findings are correct, it means that the stolen "access tokens" weren't used to access even more services, which the company said Friday was possible. Services like Tinder, Spotify and Airbnb are among the thousands that offer Facebook's login tool to users.

What they're saying: "Any developers using Facebook Login security best practices were automatically protected when we reset people's access tokens," said Vice President of Product Management Guy Rosen in a statement. "Given that some developers will not have done this, we analyzed third party access during the time of the attack we have identified. That investigation has found no evidence that the attackers accessed any apps using Facebook Login."

Between the lines: There is a difference between having "accessed" an app and still having had the token to do so. This statement appears to concern the former.

Go deeper: Third-party apps are among those scrambling for answers a week after the breach was discovered.

Go deeper

Mark Cuban criticizes "arrogant" 3M on respirator production

Photo: Axios Events

Businessman and Dallas Mavericks owner Mark Cuban said during an Axios virtual event Friday that 3M is "arrogant" for not speaking up about respirator production in the midst of the coronavirus outbreak.

What he said: Cuban criticized the company for "making more globally than domestically," echoing a similar line from President Trump now that the U.S. is the epicenter of the pandemic. "You can't ghost the American people," he told Axios CEO Jim VandeHei from Dallas.

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 12:30 p.m. ET: 1,056,777 — Total deaths: 55,781 — Total recoveries: 221,262Map.
  2. U.S.: Total confirmed cases as of 12:30 p.m. ET: 257,773 — Total deaths: 6,069 — Total recoveries: 9,311Map.
  3. Politics latest: Lawmakers on both sides of the aisle are worried about the difficulties of delivering the $2.2 trillion in stimulus aid.
  4. Jobs update: The U.S. lost 701,000 jobs in March, but the new report doesn't reflect the height of the virus' impact on the economy.
  5. World update: About half of the deaths worldwide are in Italy and Spain, with fatalities exponentially increasing across Europe.
  6. Social media: Bored athletes take to Instagram to connect with fans during coronavirus shutdown.
  7. What should I do? Answers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Coronavirus puts ambitious plans for self-driving cars on the shelf

Illustration: Sarah Grillo/Axios

In two weeks, the coronavirus has brought the entire U.S. auto industry to a screeching halt. When it finally sputters back to life, many companies may be forced to change, defer — or even abandon — their ambitious plans for self-driving vehicles.

The big picture: Auto factories are shut down across North America to prevent the spread of the virus among workers, while stay-at-home orders have kept car shoppers away from showrooms. The resulting financial shock means carmakers have shifted their focus to survival, not investing in expensive technologies with no clear payoff.