Facebook had to acknowledge another security issue late last week which impacted up to 6.8 million users. The bug exposed private photos, Facebook explained, allowing apps to access content that users hadn’t shared.

Facebook has fixed the issue and said it planned to issue a tool for app developers to determine which of their customers might have been impacted by the bug. But the good news is that you can also manually check to see if your photos have been exposed to app developers without your knowledge.

Facebook said the bug was active for 12 days between September 13th and September 25th, during which time third-party apps that had access to a user’s photo gallery were able to also access photos that were not meant to be public:

When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn’t finish posting it – maybe because they’ve lost reception or walked into a meeting – we store a copy of that photo for three days, so the person has it when they come back to the app to complete their post.

Facebook said at the time that up to 1,500 apps built by 876 developers were impacted, and up to 6.8 million customers. Only apps that Facebook approved to access the photos API and that users authorized to access their photos were affected. Facebook has created a help page that you can access at this link, to see whether you’re one of the 6.8 million people impacted by the bug.

Image Source: Facebook

You’ll see an image like the one above if your private photos were not accessed by any of your photo apps that you may have installed on your phone. Otherwise, a list of culprits will appear, and you may want to clean up the collection of private photos you uploaded to Facebook, in case you’re worried this might happen again.

Comments