Facebook revealed on Friday a software bug may have exposed the photos of up to 6.8 million users.
Facebook came to know of this security breach on 25th September. The bug ran from 13 September to 25 September, total of twelve days.
The Photo API bug provided the developers access to the photos of almost 7 million users.
This bug let the app users pull out data from the user’s profiles. The data pulled include timeline photos, receive users Facebook Stories, and Marketplace photos.
But that is not all, photos uploaded on Facebook but never shared by the users also been exposed.
READ MORE: Facebook Security Breach Impacted 30M Users
People granting permission to third-party apps to access the photos were affected by the bug. Facebook said users may been exposed for 12 days.
Facebook also said the bug has been fixed and affected users will be notified
Normally when people give access to third party to access photos on the Facebook, only photos shared on the timeline are exposed.
But in this case, the develops are able to access other photos as well. It gave them access to photos shared on Stories and Marketplace as well.
Facebook developer, Tomer Bar, said :
READ MORE: Italy fines Facebook over data misuse
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers.”
“We’re sorry this happened,”
“Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”