UPDATE: Wondering if your photos were exposed due to the Facebook API bug announced on Friday? Here's how to find out.
Facebook promised to directly notify all potentially impacted users via an alert on the social network. You can also proactively check if your account was affected by visiting this Facebook Help Center link while logged into your Facebook account.
If you were affected, you'll see a list of apps that "may have had access to your other photos" along with information about what to do.
Original Story 12/14:
As if you needed another reason to question Facebook's ability to safeguard your personal information, the social network just disclosed a bug that exposed up to 6.8 million users' private photos to third-party app developers.
In a Friday blog post, the social network said it has fixed the photo API bug, which gave third-party apps "access to a broader set of photos than usual" for 12 days, from this Sept. 13 to 25.
Normally, when you give third-party apps permission to access your photos on Facebook, they can only see the images you've shared on your timeline, Facebook's Tomer Bar explained in the post. But this photo API bug may have given those developers access to even more of your images, including ones you've shared on Marketplace, Facebook Stories, and ones you uploaded to the social network but didn't end up posting.
"Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers," Bar wrote. "The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos. We're sorry this happened."
The social network plans to roll out tools next week to help app developers determine which of their users might have been impacted by the flaw. The company says it's also working with developers to delete the affected images.
Facebook also plans to alert all users who may have been impacted by the bug but did not say when that would happen. When it arrives, the notification will direct you to a Facebook Help Center link with more information.
"We are also recommending people log into any apps with which they have shared their Facebook photos to check which photos they have access to," Bar wrote.
Meanwhile, if you trust Facebook enough to buy its new Portal video calling appliance, the company is rolling out some new features to check out. That includes a new web browser and access to Facebook Instant Games such as Battleship, Disney Tsum Tsum, Draw Something, Shake It Up-Poker Dice, Sudoku, SuperBaseball, and Words With Friends.
While Portal received a "good" rating in PCMag's review, we don't recommend it for privacy reasons.
"Facebook is such a mess in terms of controlling who uses your data for vicious ends … that we can't recommend this product to individuals until the company gets its house in order," PCMag's Lead Mobile Analyst Sascha Segan wrote in his review.
Facebook Leaks Private Photos of Nearly 7 Million Accounts
Like What You're Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Sign up for other newsletters
