Photo: Omar Marques/SOPA Images/LightRocket via Getty Images

Researchers found two third-party Facebook app developers had been storing user data on a publicly accessible Amazon Web Services server.

Why it matters: While Facebook itself wasn't directly to blame, this is yet another example of its customers' data being mishandled.

Details: Researchers at UpGuard found data from two firms containing Facebook user information and, in one of the cases, app passwords available for public download.

  • In the first case, 146 gigabytes of data containing 540 million records from Mexico-based media company Cultura Colectiva was stored in a publicly accessible Amazon S3 storage bucket and includes a variety of Facebook data, including user IDs, according to UpGuard.
  • Data from a second Facebook-integrated app, called "At the Pool," contained columns for a variety of Facebook categories including user ID, friends, likes, photos, checkins and more. There was also a category for password. Even if this was only the passwords for the app and not Facebook, many people reuse passwords across services.
  • Last March, in the wake of the Cambridge Analytica scandal, Facebook began limiting the amount of user data that third-party developers have access to.

What they're saying:

  • In a statement, Facebook told Axios that the developers were acting contrary to the company's policies, "Facebook's policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people's data."
  • Amazon, for its part, said: “AWS customers own and fully control their data. When we receive an abuse report concerning content that is not clearly illegal or otherwise prohibited, we notify the customer in question and ask that they take appropriate action, which is what happened here."

The big picture: This is, of course, just the latest scandal for Facebook surrounding user data. Earlier this year, the company acknowledged it had been storing some user passwords on its own servers in plaintext. And just yesterday it said it would halt the practice of asking some new users for their e-mail passwords as a means of verifying accounts.

Go deeper

Updated 33 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 4 p.m. ET: 31,433,180 — Total deaths: 966,970— Total recoveries: 21,546,587Map.
  2. U.S.: Total confirmed cases as of 4 p.m. ET: 6,882,969 — Total deaths: 200,477 — Total recoveries: 2,615,974 — Total tests: 95,846,925Map.
  3. Health: The U.S. reaches 200,000 coronavirus deaths — The CDC's crumbling reputation — America turns against coronavirus vaccine.
  4. Politics: Elected officials are failing us on much-needed stimulus.
  5. Business: Two-thirds of business leaders think pandemic will lead to permanent changes — Fed chair warns economy will feel the weight of expired stimulus.
  6. Sports: NFL fines maskless coaches.
40 mins ago - Podcasts

The big business of immigrant detention

Around 70% of all immigration detention centers are run by private companies, including the one at the heart of a new whistleblower complaint that alleges systemic medical neglect and malpractice.

Axios Re:Cap digs into the business of immigrant detention, including oversight and profit incentives, with Jonathan Blitzer, a staff writer for the New Yorker who’s covered the subject for years.

Biden campaign plans travel around competitive Senate races

Joe Biden elbow-bumping a worker during a campaign stop in Wisconsin. Photo: JIM WATSON/AFP via Getty Images

Joe Biden's campaign is storming states with competitive Senate races this week to help boost Democratic candidates in the run-up to the election.

Why it matters: Supreme Court Justice Ruth Bader Ginsburg's death is galvanizing Democrats to fight harder for control of the Senate with less than two months before Election Day.

Get Axios AM in your inbox

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Subscription failed
Thank you for subscribing!