A Facebook bug has exposed the private photos of up to 6.8 million users. The bug means thousands of third-party apps had potential access to photos they didn’t have permission to view. The worst thing is the amount of time Facebook took to disclose the incident.
Facebook’s Very Bad Year
It’s fair to say Facebook hasn’t had a good 2018. There was the Cambridge Analytica scandal everyone should be familiar with by now. And over a backdrop of people deleting Facebook, the social network has had ongoing issues maintaining people’s trust.
The issues run deep, with Facebook battling the spread of fake news, advertising campaigns with the potential to influence elections, and a seemingly lax attitude to users’ data and privacy. And now we get the news that private photos were exposed to apps.
Facebook Discloses New Bug
Facebook disclosed the incident in a Facebook for Developers Blog post. The social network explains that this bug affected “people who used Facebook Login and granted permission to third-party apps to access their photos”.
Users sometimes give apps permission to access photos they share on their timeline. However, this bug meant that for 12 days developers could also access other photos shared on Facebook, and even photos people uploaded but then decided not to post.
The bug in question was live between September 13 and September 25, 2018. Facebook discovered and duly fixed the bug on the 25th. However, it has taken almost three months for Facebook to notify the developers affected and, by extension, the users affected.
Facebook is “sorry this happened,” and is rolling out tools to help developers “determine which people using their app might be impacted by this bug.” Those people will then be notified, and directed to a Help Center link explaining the issue in more detail.
Fingers Crossed for 2019
This tops off an annus horribilis for Facebook, and we really hope 2019 brings better fortune. Not for Facebook’s sake, but for the sake of its users. Otherwise Facebook et al might find that everyone collectively decides to quit social media altogether.