Facebook’s biggest privacy scandal was discovered. There have been multiple occurrences of data breaches ever since. Another issue has rocked 1 Hacker Way, Facebook’s headquarter.
A bug in Facebook’s API has left several private user photos exposed. The latest news is the major blow for social networking giant who is trying to repair its reputation from the previous data breaches.
The company has announced that as many as
6.8 million users may have been affected by the API bug. Some third-party apps may have had access to more set of photos than the granted permission. These exposure to unwanted photos happened for 12 days between September 13 to September 25, 2018. The API leak may have affected up to 1,500 apps built by 876 third party developers.
In a blog post, Facebook explains how the API bug may have leaked photos. When users give permission for a third-party app to access their photos, the platform only grants access to pictures that are shared on user’s timeline. In this case, because of the bug access was potentially given to other photos including those shared on marketplace or Facebook stories.
The major concern is that the bug also ended up impacting photos that people uploaded as private. According to Facebook, the vulnerability was in an error related to Facebook login and its photos API.
How to check if you are affected?
Facebook has announced that it will notify the users that are potentially impacted by the photo leak. These users will receive a notification on their mobile app. According to Facebook, the notification will direct the users to a link on its Help Center, which will list the apps that were affected by the bug. It’s important that users log into those apps to check which photos are shared with the affected apps.
How Facebook plans to fix its image
Considering the numerous data breaches that have come into the picture, Facebook is in hot water again. In many cases, the problems have not been caused by hackers but through callous handling of user data by Facebook. According to the social network, the vulnerability is now patched. Facebook has also clarified that the breach had no effect on private photos shared through Messenger, Instagram or WhatsApp.