Facebook just announced another worst data breach that exposed private photos of 6.8 million users. Bug reside in the photo API of Facebook by which some third-party app developer may have gained unauthorized access to the image of 6.8 million users.
On the blog post, Facebook says that the bug remained for almost two weeks from September 13 to September 25, where bug in the code update for the Photo API extended this permission to other sections of the profile, such as Marketplace or Facebook Stories; furthermore, the pictures that the user did not publish were also exposed.
"For example, if someone uploads a photo to Facebook but doesn't finish posting it - maybe because they've lost reception or walked into a meeting - we store a copy of that photo so the person has it when they come back to the app to complete their post,"- reads blogpost.Facebook found the bug internally and it gets fixed also. But at the meantime, Facebook started notifying impacted users of the flaw through an alert on their Facebook timeline that their photos may have been exposed, which will direct them to its Help Center page with more information.
Also Read : Facebook Security Breach, 50 Million users affected.
Furthermor, Facebook says to minimize the impact of the glitch cause, social media giant will soon giving a tool for app developers that allow them to determine which people using their app might be imapcted by this API bug.