Click to Skip Ad
Closing in...

New Facebook bug exposed private photos from millions of users

Published Dec 14th, 2018 5:33PM EST
Facebook Bug
Image: AP/REX/Shutterstock

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

It seems that we can’t even go a few weeks without some new story about a worrisome Facebook bug emerging. Earlier today, the social networking giant revealed that one of their internal teams discovered a photo API bug impacting third-party apps. Specifically, some third-party apps may have had access to a broader set of a user photos than typically allowed, both public and private, for about 12 days in late September.

When it comes to third-party Facebook apps and their access to user photos, the way it works is pretty simple: apps can only access public photos which appear on a given user’s timeline. The bug in question, however, granted access to all sorts of photos, even photos that weren’t fully posted to the site.

“In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories,” Facebook explained on a blog post earlier today. “The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn’t finish posting it – maybe because they’ve lost reception or walked into a meeting – we store a copy of that photo so the person has it when they come back to the app to complete their post.”

All told, Facebook relays that the bug potentially impacted upwards of 6.8 million users.

“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers,” Facebook said. “The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos.”

Along with an apology, Facebook says that it plans to introduce a new tool for app developers to figure out which users might have been vulnerable to the bug. Additionally, Facebook said that it will alert individual users who may have had their photo collection compromised by the bug over the next few days.

At this point, there is no indication as to which apps in particular had improper access to user photos, nor is there any indication as to how many photos were improperly accessed.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.

Latest News