Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Facebook Bug Lets App-Makers See Photos You Never Posted

by Elizabeth Harper on December 18, 2018

Facebook has had a string of privacy problems this year. Facebook's bad year kicked off in April with the Cambridge Analytica scandal, which compromised as many as 87 million accounts. This summer, we found out that weak data privacy policies meant our personal information had been shared with Facebook's corporate partners, despite our privacy settings. And another major security breach came in October, with as many as 90 million accounts compromised.

The latest privacy snafu only affected 6.8 million accounts, which is a drop in the bucket compared to Facebook's other issues. However, it may be the most worrying privacy problem yet, because it shared photos users hadn't posted — publicly or privately — to Facebook. This happened because of a bug that granted apps more access to your photos than they should have, which included photos you uploaded but never posted. For example, if you started posting a photo but never hit “post” — perhaps you forgot about it or simply decided not to publish it — Facebook saved the photo so you didn't lose it. That can be convenient, but in this case, it only let apps access even more of your photos.

These photos were shared with about 1,500 apps, all of which you'd given access to your photos. But instead of seeing the images you meant to share, the bug allowed these apps access to more — including those unpublished images. While you (hopefully) didn’t allow any apps you didn't trust access to your personal data, that may not want them to have all of your photos.

If your account was compromised by this bug, you should get a notification at the top of your Facebook timeline. If you've been affected, take a look at any apps you've shared photos with to be sure they don't have more photos than you'd like. Facebook has asked developers to delete any photos they shouldn't have, but you can't be too careful where your private photos are concerned.

Not sure which apps have access? You can review apps with access to your account in your Facebook settings. Even when there hasn't been a data breach, it's a good idea to check what has access to your account regularly and get rid of apps you don't use. And while you're there, you should review your Facebook privacy settings, too.

Unfortunately, because this was caused by an error in Facebook’s code, these basic security steps wouldn't have protected your photos from this leak. While it's a good idea to follow the best security practices anyway, there's no guarantee that your data won't be part of the next leak, too. If you're tired of Facebook’s continuing problems, you can always delete your Facebook account. Though it's a tough step to take, it's the only guarantee that you won't be part of the next data breach.

[Image credit: Facebook on phone via BigStockPhoto]


Facebook, News, Phones and Mobile, Mobile Apps, Android Apps, iPhone/iPad Apps, Computer Safety & Support, Blog, Privacy

Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.