Another day, another privacy issue with Facebook.
The company announced Friday morning that a photo API bug might have resulted in millions of people having their private photos become improperly accessible by up to 1,500 apps for a period of 12 days in September 2018.
As Facebook described it in a blog post by Tomer Bar, a company staffer:
When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, this may have affected up to 6.8 million users and up to 1,500 apps. The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn’t finish posting it—maybe because they’ve lost reception or walked into a meeting—we store a copy of that photo so the person has it when they come back to the app to complete their post.
The online blog post noted that up to 6.8 million people may have been affected. This latest snafu comes after a September 2018 incident where the company announced that 50 million accounts may have been affected in an unrelated attack.
“We’re sorry this happened,” Bar concluded.