A Facebook software flaw may have exposed the photos of 6.8 million users to a much wider audience than intended, the social network confirmed Friday.
“Our internal team discovered a photo API bug that may have affected people who used Facebook Login and granted permission to third-party apps to access their photos,” said Facebook’s Tomer Bar, in a blog post.
“We have fixed the issue but, because of this bug, some third-party apps may have had access to a broader set of photos than usual for 12 days between September 13 to September 25, 2018.”
Bar said the bug may have affected up to 1,500 apps built by 876 developers
“We're sorry this happened,” he added. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
It's not yet known whether anyone actually saw the photos, but the revelation of the now-fixed problem served as another reminder of just how much data Facebook has on its 2.27 billion users, as well as how frequently these slip-ups are recurring.
Bryan Becker, an application security researcher at WhiteHat Security, said that Facebook should look at its internal procedures for handling code. “If we take Facebook at their word that the exposure only ran for 12 days, I think it’s best to assume this was caused by a bug in a code update (rather than, say, a poorly thought out security policy),” he said, in a statement emailed to Fox News.
News of the embarrassing software flaw comes just a day after Facebook opened a pop-up kiosk in Midtown Manhattan to teach users about privacy.
Video: Facebook announces ‘bug’ that granted third-party apps access users photos
Comments