Facebook has discovered a bug that affected close to seven million users, exposing their photos to app developers. In a blog post, the social media giant said the bug affected people who used Facebook Login for third-party apps and granted them permission to access their photos.
The Facebook bug may have affected up to 6.8 million users along with up to 1,500 apps. “We have fixed the issue but, because of this bug, some third-party apps may have had access to a broader set of photos than usual for 12 days between September 13 to September 25, 2018,” Facebook said in a post.
The bug not only exposed photos that were posted on Facebook by the affected users, but also photos that the user uploaded to the platform but chose not to post them due to technical or other reasons.
The company said it stores a copy of photos that the user uploads but does not finish posting it. In addition, it also exposed photos that were shard on Marketplace or Facebook Stores.
Facebook has said it will soon notify people who were potentially impacted by his bug and users can check if they ave used any apps that were affected. The company will also work with developers to deleted photos from impacted users.
Facebook is under the scrutiny for security-related issues and how its management handled the Cambridge Analytica data scandal. Last month, Facebook account data of 120 million users, including their personal chats, were allegedly compromised and put up for sale on the Internet, as per a BBC Russian Service report.
Prior to this, the company posted about a vulnerability in its code that lets people preview how their profile appears for others. Facebook claimed that 30 million users had their access tokens stolen by exploiting 400,000 accounts.