Facebook bug exposed 6.8 million user’s private photos to app developers

Must Read

Microsoft partners with Accenture to host virtual startup challenge in India

Microsoft 100X100X100 program that focuses to bring 100 companies and 100 early and growth startups will collaborate with Accenture Ventures Open Innovation program to host Accenture Ventures Challenge

SAP eyes India’s MSMEs with ‘Global Bharat’ program

With the aim to focus on MSMEs market in India, SAP has launched 'Global Bharat' program with , UNDP and Pratham

With AWS Outposts, Amazon Web Services enters into data center in India

Amazon Web Services said that , a new product that brings its cloud infrastructure to on-premises data center is now available in India

It seems there is no full stop to saga of misuse of users private data. On Friday, the social media firm admitted that it had mistakenly exposed private photos of millions of users without their permission to app developers.

According to reports, a bug on Facebook Photo API allowed third-party app developers to access photos of 6.8 million users who may not have shared their photos publicly. This not only included the photos that the users have uploaded on their timelines but the ones they have uploaded elsewhere like the Facebook Marketplace or even the ones that they uploaded to share but not made live after changing their minds.

According to Facebook it discovered that users photos were exposed over a 12 days from from September 13th to September 25th in 2018. After finding out about the bug, the company said it has been investigating the issue to understand its impact to ensure that it has contacted the right developers and the people affected by this bug.

According to media reports, the bug allowed about 1,500 apps that had been given permission to access users’ photos also see pictures they never shared on their timeline.

Facebook tells TechCrunch that it discovered the breach on September 25th, and informed the European Union’s privacy watchdog the Office Of The Data Protection Commissioner (IDPC) on November 22nd. The IDPC has begun a statuatory inquiry into the breach.

According to Ankush Johar, Director at Infosec Ventures, humans are the weakest link in cyber security, and privacy is an urban legend today. This has been proven time after time. The security of a user’s data lies in their own control and the only way to be secure is to be vigilant and suspicious by nature. Be your own HumanFirewall! Users are suggested not to provide any permission to ‘silly’ Facebook Apps that provide no utility and immediately take corrective action by retracting permission from needless apps. This can be done via the ‘security and privacy settings’ on the Facebook App or Website.

In this specific instance, only those users may have been affected who gave access to third party facebook apps that had access to their photos, but as seen in past facebook hacks, hackers are easily able to develop fake apps like “Quiz Apps” and “What Celebrity You Look Like Apps” for example, that appear to need genuine reasons to access photos, friend lists etc but in the background they steal information of users.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

- Advertisement -SAP Hana

Related Articles