Skip to content

Facebook breach: 6.8 million users affected by photo bug

  • by
  • 5 min read

US top social media network Facebook admitted that about 6.8 million users may risk their private photos being exposed to third-party apps.

The company on Friday said more than 1,500 apps built by 876 developers may have also been affected by the bug that exposed users’ unshared photos during a 12-day-period from Sept. 13 to Sept 25, Xinhua news agency reported.

Facebook said it has fixed the breach and will roll out next week “tools for app developers that will allow them to determine which people using their app might be impacted by this bug.”

Those affected by the bug were apps “that Facebook approved to access the photos API and that individuals had authorized to access their photos,” Facebook added. The bug allowed those apps to see pictures of Facebook users that they were not granted access to.

Also read: What is Keylogging? 6 ways to protect yourself

Facebook said it will give its users notification about the possible exposure of their private photos, and that it will be working with developers to delete those copies of photos from impacted users.

The disclosure is another example of Facebook’s failure to properly protect users’ privacy that may drew more criticism of its privacy policy.

The world’s largest social media network has been grilled over the past year for its mishandling of user data, including its involvement in a privacy scandal in March when Cambridge Analytica, a British political consultancy firm, was accused of illegally accessing the data of more than 87 million Facebook users without their consent.

The private information of Facebook users was alleged to be used to influence the U.S. 2016 general elections in favor of President Donald Trump’s campaign.

Last month, Facebook announced that up to 50 million users could have their accounts controlled by hackers due to a security bug that its CEO Mark Zuckerberg called “very serious.”

Also read: What is Big Data? Everything you need to know

Irish watchdog opens inquiry into the latest Facebook privacy breach

Ireland’s Data Protection Commission (DPC) has announced a fresh investigation into Facebook, a day after the social networking giant admitted another security breach where nearly 6.8 million users risked their private photos being exposed to third-party apps.

Facebook, which is already facing a probe from the Irish watchdog for a previous privacy leak in September that affected 50 million people, may end up with fine of 4 per cent of its annual turnover – the highest fine under the new European General Data Protection Regulation (GDPR), The Independent reported on Saturday.

10mn British voters influenced by Facebook ads as they fights fake news

In Facebook’s case, the fine could amount to nearly 1.5 billion euros.

“The Irish DPC has received a number of breach notifications from Facebook since the introduction of the GDPR on May 25, 2018,” a spokesperson for the watchdog was quoted as saying.

In the News: Facebook fined €10 million by Italy for selling users’ data without consent

The fresh move came after Facebook on Friday said more than 1,500 apps built by 876 developers may have also been affected by the bug that exposed users’ unshared photos during a 12-day-period from September 13 to 25.

Facebook, in a statement, said it has fixed the breach and will roll out next week “tools for app developers that will allow them to determine which people using their app might be impacted by this bug”.

“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorised to access their photos.

Photo by Jason McElweenie

“We’re sorry this happened,” said Facebook, adding that it will also notify the people potentially impacted by this bug via an alert.

The disclosure is another example of Facebook’s failure to properly protect users’ privacy that may drew more criticism of its privacy policy.

Earlier this month, Italian regulators fined Facebook 10 million euros for selling users’ data without informing them.

The competition watchdog handed Facebook two fines totalling 10 million euros, “also for discouraging users from trying to limit how the company shares their data”.

The Irish watchdog, which is Facebook’s lead privacy regulator in Europe, in October opened a formal investigation into a data breach which affected 50 million users.

“The investigation will examine Facebook’s compliance with its obligation under the General Data Protection Regulation (GDPR) to implement appropriate technical and organisational measures to ensure the security and safeguarding of the personal data it processes,” said the DPC.

The world’s largest social media network has been grilled over the past year for its mishandling of user data, including its involvement in a privacy scandal in March when Cambridge Analytica, a British political consultancy firm, was accused of illegally accessing the data of more than 87 million Facebook users without their consent.

The private information of Facebook users was alleged to be used to influence the US 2016 general elections in favour of President Donald Trump’s campaign.

Also read: Google personalises search results even in incognito mode: Study

IANS

IANS

>