Facebook’s Latest Fail Allowed Unauthorized Access to the Photos of 6.8 Million Users
Facebook is closing out 2018 much the same way it spent the rest of the year: by announcing and apologizing for grievous mistakes.
The social media giant revealed today that a software bug might have allowed third-party apps to access the photos of 6.8 million users. These photos include shots that users began uploading to Facebook but never posted publicly.
In a blog post, the tech giant announced that it has now fixed the bug. But from September 13 to September 25 of this year, up to 1,500 apps built by 876 developers had access to these photos. No list of these apps was available. Tomer Bar, the company’s engineering director, says in the blog post:
“When someone gives permission for an app to access their photos on Facebook. We usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post.”
The company has battled with multiple privacy violations this year, including the big one in which 87 million users possibly had their information shared with Cambridge Analytica, a political group aligned with President Trump, in March. In April 2018, the company announced that as part of wider reforms it would be limiting third-party access to profile photos.
“We’re sorry this happened,” Bar’s blog post continues. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
Facebook highly values user photos. Recently, the company filed a patent for technology that can identify a full family through using the context clues of uploaded photos. The hypothetical technology would then allow marketers to better sell products to a family.