Recently, Facebook announced about the exposure of private photos of about 6.8 million users. With this exposure, apps were able to access these pictures that weren’t ought for them.
Facebook enabled these apps to view a limited set of its users’ photos. But, these apps were able to access other pictures of users through a bug. These pictures include people’s stories as well as discarded photos that were never posted (as Facebook saved its copy).
Everything occurred between 12th and 25th of September. Facebook detected this breach on 25th of September, and we don’t know why it took so long to uncover it. (Maybe because the company was busy in dealing with some other larger breach that it also discovered on the same day.)
Data breaches continue to surround Facebook
Facebook will send a notification alert to users whose photos may have been exposed. Also, it will ask developers to delete all copies of photos that were never supposed to access. It was able to detect about 1,50p apps from 876 unique developers that accessed users’ pictures using a bug.
According to Facebook, the bug is related to its Login and photos API error. This error allows developers to access Facebook pictures within their apps. Affected users have logged into some sort of third-party app using their Facebook account, which allowed such developers to see their pictures.
Tomer Bar, engineering director at Facebook expressed about this inconvenience saying “We’re sorry this happened”. A day before Facebook detected this breach, it made a new pop-up installation available in New York for managing privacy on its platform.
This year, Facebook is again into trouble regarding its data. Exposures and data breaches are not leaving Facebook anyway. These issues aren’t related to any sort of attacks from hackers, but because of problems within Facebook itself. In the case of Cambridge Analytica breach, it was Facebook’s lack of supervision of its data and developers. And, in case of this recent issue, it is a bug between Facebook and developers’ communication channel.
Due to such similar issues, Google already decided to close Google+. This year, the exposure of information to developers occurred twice. One of the most important goals of social media giants should be making their platforms reliable and secure. Social media giants need to make their platforms completely safe and reliable to its users.