The Social Media Giant, Facebook, disclosed on Friday that a bug may have compromised around 6.8 million Facebook users who might have used Facebook login credentials to permit third party apps to access images. In addition to that, Facebook said that the Bug in facebook was first discovered around three months ago.
This recently discovered Facebook bug allowed approximately 1500 Facebook third party apps to see & access the images that users never shared on their Facebook timeline. The compromised images include pictures shared in Facebook stories, as well as those images that user may have uploaded to the site, but chose not to post.
The developers of Facebook third party app could access the images for a period of 12 days i.e., from 13th September 2018 to 25th September 2018.
Insight into the Facebook Data Breach
According to the resources, Facebook third party apps that acquire user’s permission to access the images are consistently not allowed to access the subject matter published on their Facebook Timeline.
Similarly, the engineering director Tomer Bar confirmed in his message to the developers that when user’s grant permission to any third party app to access their images on Facebook, it typically allows the app to access images shared on Timeline only.
In contrary to that, a ruinous error in the code update for Photo Application Program Interface broadened this permission to different sections of a user’s Facebook profile. The extended permission includes the images shared on Facebook stories & even those that were not published by the user.
Around 1500 Apps Impacted, Issue Internally Fixed By Facebook
The leading Social Media Giant has claimed to have examined the entire issue & fixed it already. Further, it predicted that facebook security breach may have affected 1500 third party apps from distinct 876 developers. This Data Breach allowed developers to access content of the images of around 6.8 million Facebook users without their consent.
Notably, all the compromised third party apps had the approval of Facebook & Facebook user’s permission to access Photo API.
As per the tech reports, Facebook could not ascertain third party apps involved in the Data Breach, because of which Facebook decided to clue in its users that any one of the 1500 apps may have impacted their Facebook privacy.
Facebook took another countermeasure to minimize the impact of this Data Breach by contacting the third party app developers & asking them to delete the content of the images that could have been accessed due to ruinous Facebook Bug.
Moreover, potentially impacted Facebook Users are receiving notifications on Facebook elaborating the error, redirecting them to Help Center page that initiates a check to know if the account has been impacted by an error in Photo API.
In addition to that, Facebook has recommended users to log in to the apps where they might have shared their Facebook images. Users can also learn to manage their apps on Facebook or contact an app developer in case of any discrepancies or image compromise.
(163)