Skip to main content

Facebook 'sorry' for massive photo bug that exposed 6.9m users' unpublished images - have you been alerted?

Given Facebook and Instagram are two of the most popular image-upload sites on the planet, it's never good news when a data breach is revealed. But that's exactly what has happened, with Facebook admitting that up to 6.8 million users' photos were left exposed thanks to a massive bug. 

In a damning blog post, Facebook announced that the breach had happened between the 13-25 September and affected third-party APIs that had access to Facebook users' photos - even ones they hadn't posted on the site. 

"The bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories," noted Tomer Bar, from facebook. 

"The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn't finish posting it - maybe because they've lost reception or walked into a meeting - we store a copy of that photo for three days so the person has it when they come back to the app to complete their post."

Breach out

Facebook has had a rough year. It's been subject to numerous data breaches, the Cambridge Analytica scandal, and this latest bug comes after some 29 million sites were part of a much bigger hack. 

"We're sorry this happened," continues the post while explaining that "the only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos."

 To find out if your photos were exposed as part of the bug, head to Facebook's Help Center.