Facebook announced that a bug recently allowed third-party developers to access users’ private photos, and the issue could have affected as many as 6.8 million people.
“Our internal team discovered a photo API bug that may have affected people who used Facebook Login and granted permission to third-party apps to access their photos,” Facebook said in a Friday blog post. “We have fixed the issue but, because of this bug, some third-party apps may have had access to a broader set of photos than usual.”
There was a 12-day period in September when the bug was operating during which the apps could have gained access to users’ private pictures, such as those people share on Marketplace or in their Facebook Stories.
“We’re sorry this happened,” Tomer Bar, Facebook’s engineering director, said in the post.
Bar said that the social media giant would be rolling out new tools for app developers to be able to determine which users the bug affected and will then notify those potentially impacted via Facebook alert.
The company said it will then work with those developers to delete the photographs that were compromised.
[Also read: Tumblr, Facebook update policies to ban almost all adult content]
