Facebook issues and the resultant chaos is now becoming so frequent that it won’t be wrong to consider them a routine. The last issue occurred when Facebook exposed about 30 million user accounts to hackers due to some bugs. Now, following the trend, Facebook has again confessed to an API glitch which is believed to be affecting 6.8 million users. Allegedly, this new Facebook bug exposed private photos of the affected user’s to third-party apps.
Facebook Bug Exposed Private Photos To Third-Party Apps
In a developer news that was published on Friday, Facebook has confessed breaching users’ privacy which was caused by a glitch. Reportedly, a Facebook bug exposed private photos of millions of users to third-party apps.
As explained earlier, the glitch happened in a Photo API that remained active for 12 days (between September 13 to September 25, 2018), which lead to exposing users’ private photos. The bug which was discovered by Facebook’s internal security team supposedly had affected 6.8 million users. As confirmed officially by Facebook,
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers.”
Relative to the blog post, the bug only impacted those apps that Facebook gave access to its Photos API and was also allowed by the users to access their photos. Facebook has also confirmed that the flaw has already been fixed. However, some active developers might have accessed the exposed information during the bug’s active period.
Aside from the private photos, the flaw also exposed photos that the users’ have not yet uploaded. As explained in the blog,
“When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post.”
This flaw also includes those photos that the users tried to upload online and it failed due to network connection errors or other problems. Facebook usually keeps a copy of such photos for a period of three days – just in case the user decides to come back and re-upload it.
Presently, Facebook hasn’t disclosed any explicit information about the impact of the breach. Next week, it will be rolling out tools for app developers to know the users of their apps affected by this said bug. It also pledges to continue working to ensure developers delete any photos from the affected users caused by the glitch.
And of course, they did apologize for this.
“We’re sorry this happened.”
Facebook will send an alert to the affected users over the coming days. They have also set up a dedicated help center link to further help provide useful information and assistance.
Are you affected by this breach? Do share with us your thoughts about this.