Facebook flaw caused unauthorized access to photos of millions of users

Facebook has revealed that a major software bug may have allowed third‑party apps to wrongly access the photos of up to 6.8 million users, including images that people began uploading to the site but didn’t post publicly.

The mishap, which occurred over a 12‑day period in September, adds to Facebook's mounting privacy headaches after a series of incidents earlier this year in which it failed to fully safeguard the personal data of its users.

In general, Facebook allows apps by third‑party developers to obtain users’ permission and access photos shared on their timeline.

Facebook explained in a blog post that because of the bug, though, roughly 1500 apps could access "a broader set of photos than usual.

That includes photos that a user may have started to post, but abandoned before actually publishing, because Facebook keeps a copy of the draft in the event a user might want to finish uploading it later.

In response, Facebook apologised to users today.

The company said that early next week they will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug.

[Source: stuff.co.nz]