- Feb 4, 2016
- 2,520
Facebook just announced that a bug in its application programming interface for photos may have allowed third-party unauthorized access to images on 6.8 million accounts.
Apps that receive user-permission to access photos are typically restricted to the content published on the Timeline. However, for a period of about two weeks between September 13 and September 25, an error in the code update for the Photo API extended this permission to other sections of the profile, such as Marketplace or Facebook Stories; furthermore, the pictures that the user did not publish were also exposed.
... ...
1,500 apps affected by the bug
Facebook found the issue internally and has already fixed it. The company estimates that the issue affects up to 6.8 million users and that 1,500 apps from 876 developers could have accessed the image content without consent. It is important to note that the apps had Facebook's approval to access Photos API and the authorization from the user to reach their photos.
... ...
People potentially impacted by the error will also receive a notification on Facebook, sending them to a Help Center page, that checks if their account has been impacted by the error in Photo API and the apps that may have had access to pictures outside the regular restrictions.