Facebook Bug Potentially Exposed Unshared Photos of Up 6.8 Million Users -- 2nd Update
December 14 2018 - 2:28PM
Dow Jones News
By Aisha Al-Muslim and Deepa Seetharaman
Facebook Inc. said unshared pictures of up to 6.8 million users
may have been exposed by a software issue that granted app
developers access to the photos, the latest in a series of privacy
snafus at the social-media company.
Up to 1,500 apps may have had improper access to photos,
including draft posts, from Sept. 13 to Sept. 25, Facebook said
Friday in a post on its developers' blog.
A company spokeswoman said Facebook found and fixed the bug on
Sept. 25 after an internal team made the discovery.
Facebook informed Ireland's Data Protection Commission, which is
the company's lead privacy regulator in Europe, about the incident
on Nov. 22, after the company determined it needed to report the
breach to the authorities.
Facebook is required under European law to inform regulators
about breaches within 72 hours after the company determines a
breach took place.
In a statement, Graham Doyle, head of communications for the
Data Protection Commission, said the regulator started a "statutory
inquiry" this week to see if Facebook complied with European
law.
Facebook said it believes it complied.
The company waited several weeks to announce the breach publicly
because it needed to build a notification page and translate it
into multiple languages, the spokeswoman said. Facebook
automatically translates posts presented in the news feed in more
than 60 languages.
"We're sorry this happened," wrote Tomer Bar, engineering
director at Facebook, in the blog post.
Early next week, Facebook will roll out tools for third-party
app developers to determine which people might have been affected
by the application program interface bug. Facebook said it would
work with the developers to delete affected users' photos.
The company, which will notify people potentially impacted
through an alert on Facebook, also recommended users log into any
apps with Facebook authorization to check or update photo-sharing
permissions.
"When someone gives permission for an app to access their photos
on Facebook, we usually only grant the app access to photos people
share on their timeline," Mr. Bar wrote. "In this case, the bug
potentially gave developers access to other photos, such as those
shared on Marketplace or Facebook Stories. The bug also impacted
photos that people uploaded to Facebook but chose not to post."
The company's disclosure Friday comes as it faces a range of
regulatory inquiries into how it safeguards user privacy, treats
its competitors and controls access to its platform.
Earlier this year, Facebook said the data related to as many as
87 million people may have been improperly shared with Cambridge
Analytica, a political analytics firm. At the time, Chief Executive
Mark Zuckerberg said: "We have a responsibility to protect your
information. If we can't, we don't deserve it."
In September, Facebook reported that hackers gained access to
nearly 50 million accounts in what amounts to the largest-ever
security breach at the social network. On Thursday, Facebook opened
a 24-hour pop-up shop in Manhattan's Bryant Park dedicated to
privacy efforts.
Write to Aisha Al-Muslim at aisha.al-muslim@wsj.com and Deepa
Seetharaman at Deepa.Seetharaman@wsj.com
(END) Dow Jones Newswires
December 14, 2018 14:13 ET (19:13 GMT)
Copyright (c) 2018 Dow Jones & Company, Inc.
Meta Platforms (NASDAQ:META)
Historical Stock Chart
From Aug 2024 to Sep 2024
Meta Platforms (NASDAQ:META)
Historical Stock Chart
From Sep 2023 to Sep 2024