On December 14th, 2018 Facebook notified about a Photo API Bug. As a result, apps were exposed to about 6.8 million private photos of users. Now often when someone uses an app on Facebook, the app gets a limited amount of access to a user’s pictures. But thanks to this Bug app were got pictures they weren’t supposed to see. Now, these pictures include Pictures from one’s stories and even those that had “only me” or “custom” viewing on them. Even draft pictures, believe it or not.
This exposure took place between sometime between September 12th and September 25th. This in total affected 6.8 million people and up to 1500 apps. Now if 6.8 million photos leak wasn’t bad enough, it took Facebook 12 days to figure out and solve the problem. A problem of this scale should have been identified and fixed as soon as possible. Maybe, Facebook was STILL preoccupied with a past breach of a larger scale.
Now, as a solution, every affected user will get a notification alert regarding this. Facebook is also trying to reach out to all of the 876 app developers and have those pictures deleted.
“We’re sorry this happened. Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
According to Tomer Bar, Engineering Director at Facebook.
This breach happened just one day after Facebook introduced the popup, which shows how to manage privacy. Talk about irony. This year has been quite “breaching” for Facebook. A notable one would be the Cambridge Analytica. The Cambridge Analytica happened namely because of Facebook not paying attention to data sharing. Now, most the breaches that happened this year were not because of hackers. Rather root of the problem is in Facebook not paying the attention required.