Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Omar Marques/SOPA Images/LightRocket via Getty Images

Researchers found two third-party Facebook app developers had been storing user data on a publicly accessible Amazon Web Services server.

Why it matters: While Facebook itself wasn't directly to blame, this is yet another example of its customers' data being mishandled.

Details: Researchers at UpGuard found data from two firms containing Facebook user information and, in one of the cases, app passwords available for public download.

  • In the first case, 146 gigabytes of data containing 540 million records from Mexico-based media company Cultura Colectiva was stored in a publicly accessible Amazon S3 storage bucket and includes a variety of Facebook data, including user IDs, according to UpGuard.
  • Data from a second Facebook-integrated app, called "At the Pool," contained columns for a variety of Facebook categories including user ID, friends, likes, photos, checkins and more. There was also a category for password. Even if this was only the passwords for the app and not Facebook, many people reuse passwords across services.
  • Last March, in the wake of the Cambridge Analytica scandal, Facebook began limiting the amount of user data that third-party developers have access to.

What they're saying:

  • In a statement, Facebook told Axios that the developers were acting contrary to the company's policies, "Facebook's policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people's data."
  • Amazon, for its part, said: “AWS customers own and fully control their data. When we receive an abuse report concerning content that is not clearly illegal or otherwise prohibited, we notify the customer in question and ask that they take appropriate action, which is what happened here."

The big picture: This is, of course, just the latest scandal for Facebook surrounding user data. Earlier this year, the company acknowledged it had been storing some user passwords on its own servers in plaintext. And just yesterday it said it would halt the practice of asking some new users for their e-mail passwords as a means of verifying accounts.

Go deeper

Tony Hsieh, longtime Zappos CEO, dies at 46

Tony Hsieh. Photo: FilmMagic/FilmMagic

Tony Hsieh, the longtime ex-chief executive of Zappos, died on Friday after being injured in a house fire, his lawyer told the Las Vegas Review-Journal. He was 46.

The big picture: Hsieh was known for his unique approach to management, and following the 2008 recession his ongoing investment and efforts to revitalize the downtown Las Vegas area.

Dan Primack, author of Pro Rata
6 hours ago - Economy & Business

The unicorn stampede is coming

Illustration: Annelise Capossela/Axios

Airbnb and DoorDash plan to go public in the next few weeks, capping off a very busy year for IPOs.

What's next: You ain't seen nothing yet.

19 hours ago - World

Maximum pressure campaign escalates with Fakhrizadeh killing

Photo: Fars News Agency via AP

The assassination of Mohsen Fakhrizadeh, the architect of Iran’s military nuclear program, is a new height in the maximum pressure campaign led by the Trump administration and the Netanyahu government against Iran.

Why it matters: It exceeds the capture of the Iranian nuclear archives by the Mossad, and the sabotage in the advanced centrifuge facility in Natanz.