Another day, another privacy breach!
Source: Facebook bug exposed private photos of 6.8M users to third-party developers
Another day, another privacy breach – This time, the social media giant Facebook has announced that a bug in its Photo API exposed private photos of over 6.8 million users to third-party app developers.
The breach took place from September 13 to September 25, 2018, which means for 12 days straight some developers could view your personal and private photos without any restriction and without your consent. The company believes that up to 1,500 apps built by 876 developers had access to user’s photos.
This included photos uploaded by users on their Facebook Stories and Marketplace. Unsurprising, this also included photos that users uploaded to Facebook but decided to post. It is noteworthy that Facebook saves a copy of everything a user does on the timeline box including unpublished statues and photos.
See: Facebook Monitors Everything You Type Even If You DON’T Post
“If someone uploads a photo to Facebook but doesn’t finish posting it – maybe because they’ve lost reception or walked into a meeting – we store a copy of that photo for three days so the person has it when they come back to the app to complete their post,” wrote Facebook’s engineer director Tomer Bar.
