Facebook has had a string of privacy problems this year. Facebook's bad year kicked off in April with the Cambridge Analytica scandal, which compromised as many as 87 million accounts. This summer, we found out that weak data privacy policies meant our personal information had been shared with Facebook's corporate partners, despite our privacy settings. And another major security breach came in October, with as many as 90 million accounts compromised.
The latest privacy snafu only affected 6.8 million accounts, which is a drop in the bucket compared to Facebook's other issues. However, it may be the most worrying privacy problem yet, because it shared photos users hadn't posted — publicly or privately — to Facebook. This happened because of a bug that granted apps more access to your photos than they should have, which included photos you uploaded but never posted. For example, if you started posting a photo but never hit “post” — perhaps you forgot about it or simply decided not to publish it — Facebook saved the photo so you didn't lose it. That can be convenient, but in this case, it only let apps access even more of your photos.
These photos were shared with about 1,500 apps, all of which you'd given access to your photos. But instead of seeing the images you meant to share, the bug allowed these apps access to more — including those unpublished images. While you (hopefully) didn’t allow any apps you didn't trust access to your personal data, that may not want them to have all of your photos.
If your account was compromised by this bug, you should get a notification at the top of your Facebook timeline. If you've been affected, take a look at any apps you've shared photos with to be sure they don't have more photos than you'd like. Facebook has asked developers to delete any photos they shouldn't have, but you can't be too careful where your private photos are concerned.
Not sure which apps have access? You can review apps with access to your account in your Facebook settings. Even when there hasn't been a data breach, it's a good idea to check what has access to your account regularly and get rid of apps you don't use. And while you're there, you should review your Facebook privacy settings, too.
Unfortunately, because this was caused by an error in Facebook’s code, these basic security steps wouldn't have protected your photos from this leak. While it's a good idea to follow the best security practices anyway, there's no guarantee that your data won't be part of the next leak, too. If you're tired of Facebook’s continuing problems, you can always delete your Facebook account. Though it's a tough step to take, it's the only guarantee that you won't be part of the next data breach.
[Image credit: Facebook on phone via BigStockPhoto]
