Social Media
Facebook bug exposed up to 6.8M users’ unposted photos to apps
Reset the “days since the last Facebook privacy scandal” counter, as a Facebook has just revealed a Photo API bug gave app developers too much access to the photos of up to 5.6 million users. The bug allowed apps users had approved to pull their timeline photos to also receive their Facebook Stories, Marketplace photos, and most worryingly, photos they’d uploaded to Facebook but never shared. Facebook says the bug ran for 12 days from September 13th to September 25th.
Facebook initially didn’t disclose when it discovered the bug, but in response to TechCrunch’s inquiry, a spokesperson says that it was discovered and fixed on September 25th. They say it took time for the company to investigate whch apps and people were impacted, and build and translate the warning notification it will send impacted users. The delay could put Facebook at risk of GDPR fines for not promptly disclosing the issue within 72 hours that can go up to 20 million pounds or 4 percent of annual global revenue.
Facebook provided merely a glib “We’re sorry this happened” in terms of an apology. It will provide tools next week for app developers to check if they were impacted and it will work with them to delete photos they shouldn’t have. The company plans to notify people it suspects may have been impacted by the bug via Facebook notification that will direct them to the Help Center where they’ll see if they used any apps impacted by the bug. It’s recommending users log into apps to check if they have wrongful photo access. Here’s a look at a mockup of warning notifcation users will see:
The privacy failure will further weaken confidence that Facebook is a reponsible steward for our private data. It follows Facebook’s massive security breach that allowed hackers to scrape 30 million people’s information back in September. There was also November’s bug allowing websites to read users’ Likes, October’s bug that mistakenly deleted people’s Live videos, and May’s bug that changed people’s status update composer privacy settings. It increasingly looks like the social network has gotten too big for the company to secure. Curiously, Facebook discovered the bug on September 25th, the same day as its 30 million user breach. Perhaps it kept a lid on the situation in hopes of not creating an even bigger scandal.
That it keeps photos you partially uploaded but never posted in the first place is creepy, but the fact that these could be exposed to third-party developers is truly unacceptable. And it seems Facebook is so tired of its failings that it couldn’t put forward even a seemingly heartfelt apology is telling. This company’s troubles are not only souring users on Facebook, but employees and the tech industry as large as well. CEO Mark Zuckerberg told Congress earlier this year that “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you.” What does Facebook deserve at this point?
-
Entertainment6 days ago
Earth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment6 days ago
The space station is leaking. Why it hasn’t imperiled the mission.
-
Entertainment5 days ago
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days ago
Black Friday 2024: The greatest early deals in Australia – live now
-
Entertainment4 days ago
How to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment3 days ago
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment2 days ago
A24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days ago
New teen video-viewing guidelines: What you should know