Facebook's new bug exposes millions of photos
December 14, 2018Facebook's chief engineer apologized on Friday after a new bug allowed app developers to "potentially" access photos of up to 6.8 million Facebook users.
The privacy breach lasted for 12 days, ending on September 25. During that time, around 1,500 third-party applications had access to photos shared on Facebook Marketplace or Facebook Stories, but also to pictures that user uploaded to their accounts but did not post.
"We're sorry this happened," engineering director Tomer Bar said in a message to developers, adding that the company has fixed the issue.
Read more: Facebook: 'The truth has been lost'
"Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug," Bar said. "We will be working with those developers to delete the photos from impacted users."
Ireland to investigate
Facebook said it would send an alert through its social media platform to inform users who may have been affected. The notification would take them to a link that would list any apps they have used which could have accessed their photos.
Following the statement, Ireland's Data Protection Commission said it opened a probe into the company to see if Facebook complied with EU's toughened privacy rules which took effect in May.
Read more: Facebook chief Mark Zuckerberg admits responsibility for data misuse
Friday's announcement comes at the end of the year of scandals targeting the world's largest social media platform.
Beyond Cambridge Analytica breach
In April, Facebook CEO and founder Mark Zuckerberg testified before the US Senate over the Cambridge Analytica scandal, after the political consulting firm harvested private data of up to 87 million Facebook users for the 2016 election.
In June, Facebook confirmed sharing data with at least four large Chinese tech companies, including cell phone maker Huawei, which US intelligence agencies consider a national security threat. According to The New York Times, Facebook officials said the agreements with the Chinese companies gave them access similar to a deal offered to BlackBerry, which included detailed info on users and all of their friends, such as religious and political leanings, work, education history and relationship status.
Read more: Munich court to try Facebook's Zuckerberg for inciting hatred
Also in June, Facebook confirmed that some 14 million users had their default sharing settings changed to public for four days in May. In October, hackers obtained private data of around 29 million Facebook accounts.
The company also struggled to respond to reports on Facebook's questionable lobbying practices, as well as claims that it had used a consulting company, Definers Public Affairs, to undermine critical US senators and attack companies such as Google and Apple through its affiliates.
dj/sms (Reuters, AFP)