Facebook exposed private photos of 6.8 million users to apps that weren’t supposed to see them, The company said this. These apps have authorized access to see a limited set of users’ photos. But the bug allowed them to see pictures they weren’t granted access to. These included photos in the people’s stories as well as photos that people uploaded but never posted.
The exposure occurred between September 12th and September 25th. Facebook told to TechCrunch that it discovered the breach on the 25th; it isn’t bit confusing why the company waited until now to disclose it.
Affected users may receive a notification alerting them that their photos may have been exposed. Facebook also says it’ll be working with developers to delete copies of photos they weren’t supposed to access.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/13626331/48789954_586266551832240_8195718961447305216_n.jpg)
Facebook said the bug had to do with an error related to Facebook Login and its photos API, which allows developers to access Facebook photos within their own apps. All of the impacted users uses third-party app for log in using their Facebook accounts and granted them some degree of access to view their photos.
Writes Tomer Bar, engineering director at Facebook said “We’re sorry this happened”.
Google has already pledged to shut down Google+ over similar issues. Twice this year, the service exposed information inappropriately to developers.
If you will get such type of notification, then you may follow the instructions given by the Facebook.
