Facebook bug may have exposed 6.8M users' unposted photos

Facebook bug may have exposed 6.8M users' unposted photos

Facebook bug may have exposed 6.8M users' unposted photos

Facebook says it has fixed a bug that may have exposed private photos of up to 6.8 million users.

"We're sorry this happened", Bar added.

The photo flaw was initially introduced on September 13, meaning developers could have accessed users' photos for 12 days.

That includes images that someone might started posting, but decided against before finishing the task, as Facebook keeps a copy of the initial attempt in case the user wants to upload it later. "We will be working with those developers to delete the photos from impacted users", the company promised on a blog post. (For scale, Facebook has over 2 billion monthly active users.) If you're among them, Facebook says it will be notifying you via a Facebook alert.

Connected apps, which users have signed up to with their Facebook account, can access a variety of user data including usernames and profile pictures.

The bug apparently stemmed from a problem in Facebook's Photo API, (application program interface).

As for the delayed response itself, Facebook has simply apologized - yet again. Facebook said it has notified the Irish Data Protection Commission of the breach.

The European data law requires companies to report data breaches to authorities within 72 hours, giving regulators authority to impose fines of up to 4 per cent of annual global revenue for infractions. Since the Cambridge Analytica incident, Facebook has been under the scanner for its poor handling of user data. Normally this would only give the app access to photos that were published to the user's timeline but other photos were exposed as well. Guy Rosen, Facebook's vice president of product management, stated in the blog post revealing the bug: "The vulnerability was on Facebook, but these access tokens enabled someone to use the account as if they were the account-holder themselves".

It didn't matter what privacy settings a user had placed on their images or posts.

The private information of Facebook users was alleged to be used to influence the US 2016 general elections in favor of President Donald Trump's campaign. There affected users where will likely be able to see what images may have been compromised by Facebook to these third party developers.

Several of Facebook's recent privacy lapses have involved third-party apps. In response to that scandal, Facebook initiated a broad review of the games and other third-party apps made available to its users on the site. This time there was a flaw in the platform that let apps access people's photos that should not have been available.

Also, try using Facebook from your web browser than the actual app.

Related news

[an error occurred while processing the directive]