Facebook announced Friday that it has discovered a bug that may have affected up to 6.8 million users, who use their Facebook ID to allow third-party apps to access their photos.
A security breach has made applications available to all photos posted on Facebook by 6.8 million users for ten days in September. The flaw, which has been corrected after 12 days, only concerns people who have downloaded one or more of these 1,500 applications and initially agreed to use some of their photos.
This bug made available, from the 13th to the 25th of September, all the photos of these users, including those uploaded by users on Facebook but not published on their page. Facebook said in a message posted Friday, December 14 by the director of engineering Tomer Bar, that all users who have been exposed to this fault would be notified by the social network. “We are sorry that this is produced”, writes Tomer Bar.
The group will also propose, starting next week, the developers of the 1,500 applications concerned a tool allowing them to identify users whose photos may have been used without authorization.
The revelation of this incident comes at the end of a difficult year for Facebook, marked notably by the scandal Cambridge Analytica, linked to the undue use by this British company of the data of 50 million users of the social network. Last week, a British parliamentary committee accused Facebook, on the basis of internal documents, of offering a “full access to user friend data” of the platform, although the US giant has announced to have abandoned this practice in 2015.