Facebook said on Friday that up 6.8 million people may have been affected by a software bug exposing their photos to third-party app developers who did not have permission to view them.
Tomer Bar, Facebook’s engineering director, said in a blog post that the bug had been active for 12 days in September and has since been fixed.
“We’re sorry this happened,” Bar wrote. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
He added that the company would begin notifying affected users via alerts.
The latest vulnerability adds to the growing list of incidents threatening public trust in technology companies and prompting scrutiny from regulators around the world.
The bug revealed on Friday only involved users who had granted permission to certain apps to access their photos. Bar estimated that it affects 876 developers and about 1,500 of their apps.
When users grant access to their photos to third parties, it typically only applies to those posted on their timelines. The bug gave developers who had obtained that permission to access photos outside of that scope, including those posted on users’ stories.
And in some cases, Barr wrote, app developers may have been able to access photos that weren’t even posted but merely saved to Facebook in offline mode.
……..
- Discussion
-
Facebook reveals bug affecting photos of up to 6.8 million users https://t.co/isLBlxl87u pic.twitter.com/PRi7mBQ1ru
— The Hill (@thehill) December 14, 2018
You must be logged in to reply to this topic.