Skip to Content
Social media

Facebook ‘sorry’ for mistakenly exposing millions of users’ photos

It just hasn’t been a great year for Facebook. You would think the Cambridge Analytica debacle was enough for one calendar year, but since then accounts have been hacked and other data has been stolen.

The holiday scammers are also at it again, and for a time, Facebook messages from the past would randomly pop up as new again. Good times.

Almost to the finish line of 2018, Facebook is now reporting some accounts might have been affected by an API bug earlier this year. And this kind of bug exposed private photos for millions of users.

Not a picture-perfect end to the year

Friday, Facebook said its internal team found a bug that affected users who previously granted photo access permission to third-party app developers. In essence, these developers had access to potentially private photos during a 12-day window from Sept. 13 to Sept. 25. Here’s how Facebook’s Tomer Bar explained the issue in a blog posted to Facebook for Developers:

“When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn’t finish posting it – maybe because they’ve lost reception or walked into a meeting – we store a copy of that photo so the person has it when they come back to the app to complete their post.”

Bonus: Cryptocurrency scams are now targeting Facebook

Facebook says the issue has since been fixed, but that it affected up to 6.8 million users and 1,500 apps built by nearly 900 developers. Yikes!

‘We’re sorry this happened’

Facebook plans to notify users impacted by this exposure. If you’re on the list, Facebook will notify you through your account with a link to its Help Center. There, you’ll be able to check if you’ve used any of the apps affected by the bug.

The social network says it’ll also be rolling out new tools for app developers early next week to help determine which specific app users were affected. Then, Facebook will work with those developers to delete photos from impacted users.

Bonus: Facebook wants to predict where you’re going

“We’re sorry this happened,” Bar said in the blog post. Read the blog in its entirety by clicking or tapping here

Finally, he recommends that Facebook users log into apps that were granted access to account photos and check what those apps actually have access to. App background

Check out the free App!

Get tech updates and breaking news on the go with the App, available in the Apple and Google Play app stores.

Get it today