By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Facebook announced that a bug in its application programming interface for photos may have allowed third-party unauthorized access to images on 6.8 million accounts. Apps that receive user-permission to access photos are typically restricted to the content published on the Timeline. However, for a period of about two weeks between September 13 and September 25, an error in the code update for the Photo API extended this permission to other sections of the profile, such as Marketplace or Facebook Stories; furthermore, the pictures that the user did not publish were also exposed. "For example, if someone uploads a photo to Facebook but doesn't finish posting it - maybe because they've lost reception or walked into a meeting - we store a copy of that photo so the person has it when they come back to the app to complete their post," Facebook explains in its notification. Image content shared through Messenger conversations was not impacted. Facebook found the issue internally and has already fixed it. The company estimates that the issue affects up to 6.8 million users and that 1,500 apps from 876 developers could have accessed the image content without consent. It is important to note that the apps had Facebook's approval to access Photos API and the authorization from the user to reach their photos. It is suspected that the number of people affected will ultimately be smaller, but it is too soon into Facebook's investigation to know for sure at this point. More details can be found on OUR FORUM.

 
 

Translate