The latest Facebook exposure was due to a programming bug on their website which allowed 1,500 third-party apps access to unposted Facebook photos of 6.8 million users.
Facebook realized that there was a new APT bug in its photo-sharing system, leaking private photos from Marketplace, Facebook Stories, or photos uploaded to Facebook but not posted to the user’s Timeline.
“When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories,” Facebook said.
The privacy flaw left users’ private data exposed for 12 days, between September 13th to September 25th when Facebook discovered the bug and put an end to it.
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos,” Facebook said.
Facebook notified impacted users of this flaw through an alert on their timeline that their photos may have been exposed and the users were directed to a Help Center page with further details.
cebookalso says the social media network will soon be rolling out “tools for app developers that will allow them to determine which people using their app might be impacted by this bug.”
Facebook will be working with app developers to delete copies of photos by unauthorized access.
Original Article Found Here.