New Facebook Data Breach Exposed Private Photos Of Nearly 7 Million Users

Yolanda Curtis
December 19, 2018

The bug disclosed on Friday gave hundreds of apps unauthorized access to photos that could in theory include images that would embarrass some of the affected users. While the scandals don't seem to have affected the company's massive user base, growth has slowed. The company says it's also working with developers to delete the affected images.

Facebook's inadvertent private-photo exposure follows the social network warning in September that attackers had strung together three separate flaws to gain access to 50 million users' accounts (see: Facebook Breach: Attackers Exploited Privacy Feature).

With two more weeks left of the year, it's possible there's still time for another privacy kerfuffle at Facebook.


Although, the photos using this particular bug could be stolen only through a third-party app, essentially the bug would have allowed hackers or cyber criminals to steal photos, even the private photos, of Facebook users. "We will also notify the people potentially impacted by this bug via an alert on Facebook".

Earlier this year, the revelation that data mining firm Cambridge Analytica improperly attained data on up to 87 million Facebook users, set in motion a series of events that led to Zuckerberg testifying to the US Congress and forcing the company to revamp its policy on developers access to user data. The apps affected were only those that have been approved to access Facebook's photos API.

Facebook acknowledged this latest bug in a blog post directed at developers. Photos that people uploaded and didn't choose to post were also affected by the bug. Facebook says any app to which a user grants photo access is only meant to see the user's timeline photos.


Some of those photos hadn't even been posted yet-just uploaded.

The logo for Facebook appears on screens at the Nasdaq MarketSite in New York's Times Square on March 29, 2018. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories.

In total, up to 1,500 apps from 876 different developers may have inappropriately accessed people's pictures.


The social media giant apologized for the incident in an official post and assured users that it is now working with developers to delete the photos.

Other reports by iNewsToday

FOLLOW OUR NEWSPAPER