It’s no secret Facebook and Instagram have both had some major security problems, including the Cambridge Analytica scandal and various other data breaches. Now a new Facebook bug has put users’ photos in jeopardy and left millions of users exposed.
Security flaws have struck many of the biggest tech companies this year. Even Google has admitted to having issues. The search giant announced plans to disable its consumer social media app Google+ due to a security flaw which exposed many users’ data.
The new Facebook bug exposed the private photos of about 6.8 million users. According to the company, developers of third-party apps integrated into the social network could see users’ private photos, even though they didn’t actually have permission to view them. The bug is just one of a growing number of bugs and leaks in popular social networks.
Users are finding it harder and harder to maintain trust in the social network, so many have deleted their accounts, encouraged by WhatsApp co-founder Brian Acton on Twitter. Because of this trend, Facebook has extended the account deletion process from 14 to 30 days. The move is widely seen as an attempt to keep users on the social network. The extended process gives users more time to mull their decision to delete their accounts — just in case they change their minds and want to log back on.
Facebook acknowledged this latest bug in a blog post directed at developers. The company said the bug affected those who used Facebook Login and permitted third-party apps to access their photos. It allowed developers to see not only the photos they were given permission to view, but also other photos they shouldn’t have been allowed to view.
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos,” Facebook wrote in its blog post.
People use many different third-party apps on Facebook for their own entertainment. Users allow these apps to access the photos they share on their timeline, and the permission is supposed to only last for 12 days. However, the bug granted developers access to other photos users uploaded and posted in other places like Stories. The bug also allowed developers to see photos which were uploaded but not posted.
The new Facebook bug affecting users’ photos was live Sept. 13-25, so it took quite a while for the company to acknowledge it and notify developers about it.
“We’re sorry this happened. Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users,” Facebook wrote.
Facebook also said the affected users will be notified and directed to the Help Center. If you think you may be one of the affected users, you can check here.