3 min read

All You Need to Know About Facebook's Latest Bug

By Wasatch Peaks on January 12, 2019

Topics: Security

With its wide range of features, easy-to-use interface and streamlined access, Facebook is the darling of the social media age. It helps people stay connected with family and friends, allows new relationships to blossom and creates a culture of community for new and established businesses alike.  

However, last month, Facebook announced its internal team found a photo API bug in its platform which may have exposed the unshared photos of 6.8 million users. As the latest in a stream of publicized security issues, this breach has the public confused and worried about their privacy. 

Read on for all you need to know about the recent Facebook bug. 

What happened because of the photo bug? 

According to Facebook’s policy, apps linked to Facebook are only allowed to access photos that users give them permission to view, such as those posted on their Facebook timeline. The recent bug, however, may have allowed third-party apps to access loads of other pictures without their user’s knowledge and permission. 

An estimated 1,500 apps built by 876 developers were affected by the bug. All of these apps are approved by Facebook and were authorized by users to access their photos. 

The photos breached include those shared on Facebook Stories or Marketplace as well as photos that had been uploaded but weren’t yet posted on Facebook. 

The bug was active from Sept. 13 to Sept. 25. Although, Facebook waited to come clean about the breach in mid-December. 

What steps has Facebook taken to fix the bug? 

Facebook fixed the bug as early as Sept. 25 and has openly apologized for the breach. They have promised to let app developers know which of their users have been affected by the bug so they can take steps on their own. Facebook has also claimed to be working on strengthening their platform’s privacy to prevent future photo leaks and security breaches. 

When asked why the social media giant did not inform the public about the bug immediately, a Facebook representative told CNN Business, “We have been investigating the issue since it was discovered to try and understand its impact so that we could ensure we are contacting the right developers and people affected by the bug. It then took us some time to build a meaningful way to notify people, and get translations done.” 

Despite the statement, the jury remains out on whether Facebook has really taken the responsible course of action after the bug was discovered. 

What does the bug mean for impacted Facebook users? 

Having your unshared photos posted on public forums can lead to a host of safety issues.  Thankfully, no crimes have been linked to the photo leak to date, but crooks can use revealing photos to stage a home robbery or worse. For reasons such as this, it’s always best to use the strongest privacy settings on your social media platforms and to be super-careful about which apps you allow to access your photos. 

To be extra careful and keep yourself safe in the event of security breaches like Facebook’s recent photo bug, never post pictures that are too revealing about your personal life and your financial situation. 

How can I check if my photos were leaked? 

Facebook has issued an official alert to all affected users with clear steps for protecting their photos. The alert directs users to a Help Center Page where they can check if they’ve used any apps affected by the bug and get instructions on how to proceed from there. 

Facebook also advises users to log into any apps they use to share photos and check which ones are accessible. If you’re worried about an app’s privacy, log into Facebook’s Manage Your Apps page and contact the app developer directly to inquire about the accessibility of your photos. 

Facebook’s latest security breach may have impacted millions of users, but with the proper reactive steps and an eye toward a more secure future, it can help the social media giant and all its users practice stronger security measures and protect their privacy against potential breaches.  

Wasatch Peaks

Written by Wasatch Peaks