December 15, 2018:

On Saturday, in yet another instance of users' data getting leaked, Facebook has discovered a bug that exposed users' photos to app developers.

Seems like data privacy and Facebook just don't see eye to eye. What's worse? It has affected close to a whopping 7 million Facebook users.

Although Facebook claims to have fixed the bug, the damage has already been done.

In a blog post, Facebook announced that its international team had discovered a bug that might have affected people who "used Facebook Login and granted permission to third-party apps to access their photos."

The social media giant added that an estimated 6.8 million users had been affected, along with 1,500 apps developed by 876 developers.

Generally, when a user grants third-party apps access to their Facebook photos, apps only get access to Facebook photos shared by the user on his/her timeline.

However, the bug gave app developers access to other photos, including photos shared on Facebook Stories or Marketplace.

Further, the bug also gave developers access to photos that were uploaded to Facebook but not posted.

The blog post also conveyed that Facebook was "sorry" for the mishap, and would be taking corrective measures.

Early next week, the social media giant will release tools for app developers that will help them determine which users using their apps had been affected by the bug.

Facebook will then work with developers to delete photos from apps that gained unwarranted access.

The social media giant has also said that it will notify users who could have been impacted by the bug.

Such users will be given a Help Center link that will allow them to see whether they have used any apps that were affected by the bug.

Further, Facebook has urged users to check what Facebook photos authorized third-party apps have access to.

While the blog post was released on December 14, TechCrunch revealed that Facebook had detected and fixed the bug on September 25.

Interestingly, this delay in notifying people could subject Facebook to a hefty fine of £20mn, or 4% of annual global revenue under the European Union's General Data Protection Regulation (GDPR).

Reportedly, a statutory inquiry has been launched against Facebook too.

Facebook has already seen a tumultuous 2018, and this privacy failure will further lower public confidence in the company.

Following the Cambridge Analytica scandal, Facebook has been plagued by data leaks and breaches.

In September this year, 30 million users' data was compromised, including their names, numbers, emails, locations etc.

Then a series of bugs followed which, in minor ways, also impacted users' privacy.

Interestingly, as TechCrunch again notes, Facebook discovered this bug on the same day it discovered the 30 million user data breach, but evidently hushed this up.

Maybe it was afraid of a bigger backlash from the public? Possibly, given Facebook's current track record.

Everything said and done, it seems like Facebook is fast losing control of its network's security, and that doesn't bode well.

Source Link

Picture Source :