Facebook Says Bug May Have Exposed Users’ Private Photos

December 14, 2018 - 4:29 pm

NEW YORK (WCBS 880/AP) — Facebook said Friday that a software bug may have allowed app developers to see photos that users did not want to be seen.

CNET reporter Alfred Ng spoke to WCBS 880 to explain the software bug affecting nearly 7 million users.

“These are photos that you might have uploaded to Facebook but never posted, or these are also photos that you might have posted on to Facebook market place, you know where people are trying to sell items, or on their private photos or anything like that that they don't want anyone else seeing, these are photos that third party apps could have seen, so things like Tinder, or any other app that also requests for access to your photos on Facebook and they were developers that could have seen them because of this bug that Facebook discovered in September and fixed,” Ng explained.

He noted that this does not mean the photos were actually seen.

In a blog post, the company said the bug affected 6.8 million people who granted permission for third-party apps to access the photos. Facebook said the users' photos may have been exposed for 12 days in September and that the bug was fixed.

Generally when people give apps access to their photos, it means only photos posted on their Facebook page. Facebook says the bug potentially gave developers access to other photos, such as those shared on Marketplace or on Facebook Stories. The bug also affected photos that people uploaded to Facebook but chose not to post or could not post for technical reasons.

The problem comes in a year fraught with privacy scandals and other problems for the world's biggest social network.

“Right now Facebook is developing a tool that they said they are going to be rolling out next week and it'll be sending a letter to you on your Facebook page if your photos were compromised on as part of this security flaw,” Ng said.

Currently, users can visit this page and sign in to their Facebook accounts to see if they were affected by the bug.