A recent photo API bug revealed that the Facebook app gave away more than 68 lakh photos of up to 5.6 million users to app developers. To our surprise, these are the photos which were never uploaded to Facebook.
The social media platform leaked pictures which were not even shared.
The API bug got access to hidden timeline photos, Facebook Stories, Marketplace photos, and most importantly, the photos on your smartphone which were never shared.
So, What Happened?
As the company said, it recently got to know that an API bug ran for 12 days in September. Some of the developers got access to hidden photos to as many as 5.6 million users. Third party apps had access to these photos with permission granted by Facebook between September 13 and 25.
As per the reports, Facebook will soon start sending notifications to affected users.
The company will also send out tools to the app developers soon to check if they have any photos they shouldn’t have and could delete them.
Facebook will also notify suspects, if they have used any apps impacted by the bug. Currently the social media platform is recommending users to log into the apps to check if any third party app has wrongful access to your photos.
68 Lakh Private Facebook Photos Leaked: Who Will Be Held Accountable?
Facebook is again sorry for what it did and will start investigating the matter. They have again stayed quiet about another data breach, and will be at risk of GDPR fines for not promptly disclosing the issue within 72 hours.
Facebook maybe fined up to 20 million pounds or 4 percent of annual global revenue for the incident.
It’s a major data breach, and Facebook knew about it since September, as per a TechCrush report.
The company has been on the radar for its data protection practices in the recent months. Since the Cambridge Analytica incident, Facebook has been under the scanner for its poor handling of user data.
When you grant access to a third party app via Facebook, or login into a third party account with Facebook, the access given is limited to the information available on the Facebook account only.
Giving permission to an app to access photos on Facebook only include pictures people share on their timeline.
But this data breach included pictures of 5.6 million users which were neither shared nor posted. The leaked photos include a major portion of the unposted pictures. The bug also impacted users who uploaded pictures on Facebook but chose not to post, like if someone is uploading a picture but doesn’t finish posting it.
The affected users soon may be notified and directed to a Facebook help center. There affected users where will likely be able to see what images may have been compromised by Facebook to these third party developers.
What Should You Do?
Nothing much you have can about it until Facebook provides a list of the third party apps. Once the company releases a list, you can check which of the third party apps you use. If you find any app you use on the list, log in to the app and cancel your access to Facebook photos or may be even log out your Facebook account completely.
Also, try using Facebook from your web browser than the actual app.
The Facebook apps get access to your pictures directly. In such a case, the chances of your private photos being leaked are a lot higher. But in the case of a web browser, you are still at risk, but chances are relatively low.
Facebook’s Data Coup: 5 Times Facebook Terribly Failed Us With Data Privacy
The social media giant has continuously failed to gain user’s trust. 5 times Facebook terribly failed us with data privacy:
Cambridge Analytica
With the help of Facebook, Cambridge Analytica improperly harvested the personal data of 50 million users to target political advertisements.
Private Posts Published
A bug in June publicly published private posts of 14 million users. The glitch breached data of users which were intended to be private.
Hackers Stole Data Of 30 Million Users
Hackers got access and stole private data in September. More than 30 million users were affected and almost half of the data in the accounts were stolen.
In 2015, Facebook said it stopped access to user data to third-party app developers. But in June, WSJ found that the company still shares user data with third-party developers. Facebook officials later confirmed the report.
Collected Text Messages & Phone Calls
In March it was found that Facebook was collecting data of text messages and phone calls through its smartphone apps without their any consent.
