Facebook has themselves admitted that a bug has led to app developers getting access to photos of 6.8 million users. In a blog post the company said, “Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos.” According to Facebook, the bug has been fixed and the company is alerting potentially people affected by the bug.
Facebook’s blog post goes on to say, “We're sorry this happened. Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
The issue isn’t something new. It happened for 12 days between September 13 to September 25, 2018. So what happened exactly? Well, according to Facebook, when someone gives permission for an app to access their photos on Facebook, the Social Networking site “usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post”. This means that if you uploaded a photo and decided not to share it, the app developer had access to it.
2018 hasn’t been an exciting year for Facebook. The social networking giant came under fire when it was discovered that Cambridge Analytica, which worked with Trump's election team, was accused of harvesting millions of Facebook profiles of US voters. The firm has allegedly been using Facebook users' data to unfairly influence election results by psychological manipulation, entrapment techniques and fake news campaigns. You can read more about the Cambridge Analytica incident here.
Once again in September, it was discovered that 50 million Facebook accounts were hacked. At the time, Facebook’s Vice President of Product Management, said that the social network discovered a vulnerability in its system that allowed hackers to “take over people’s accounts.” Facebook claims to have patched the vulnerability and additionally, users affected by the hack have been forced to sign in to their accounts once again. You can read more about the September Facebook hack here.
Moving back to July, data of 120 million Facebook users was compromised through popular quiz-making platform NameTests. Facebook of course revoked the access tokens for everyone on the platform who had signed up to use this app, but it doesn’t change the fact that if you took one of those personality quizzes at the time, your data was hacked. You can read more about the incident here.