Facebook Bug Causes A Photo Breach
Facebook is reporting a new bug that may have compromised user’s private photos to third-party developers. According to a new report from the social media giant, the latest Facebook photo breach may affect up to 6.8 million users across the platform.
The beach, caused by a bug in Facebook’s software, created two significant issues. First, images that had not yet been published to a user’s timeline may have been visible by third party apps. Second, images that users had published but kept private may have been visible to those same third party apps—apps which did not have permission to view such images.
Facebook has apologized for the bug and is in the process of notifying affected users. However, this report comes in the wake of several damaging glitches, hacks, and vulnerabilities that have further eroded public and private trust in Facebook. Additionally, recent emails relating to the Cambridge Analytica scandal have called into question the ethics of those at the very highest levels of the company.
Was This Bug Unique?
According to a spokesperson from Facebook, this newest Facebook photo breach occurred between the dates of September 13 and September 25, 2018. For those twelve days, errors in Facebook’s software and API may have made user images vulnerable.
According to a spokesperson from Facebook, the error cropped up in part because of a feature employed by the image uploading portion of the software. When a user uploads but does not publish a photo, Facebook stores that photo so that the user does not have to re-upload that photo. Photos can get trapped in this upload-limbo for multiple reasons: perhaps a user walks into a meeting or loses a signal or simply changes his or her mind.
Photos Visible to Third-Party Apps
The stored, unpublished photos were visible to third party apps. It’s not entirely clear what these apps did with the photos, although there’s no evidence of any malicious intent. Instead, it’s likely that the third-party apps used the photos in the same way that used all other stored user information.
The specific use of the photos, then, would depend on the individual app. According to Facebook, over 1500 apps, built by over 876 developers, may have had access to user photos that were never intended for public view. Given the scope of the apps and developers who may have had access to these images, it’s nearly impossible for users to track down who may have been doing what with their images after this Facebook photo breach.
Slow Response Time?
Due to the size and scope of the error, Facebook is coming under fire in part due to its slow response time. According to Facebook, the bug was repaired by September 25, 2018, but the public was not notified until the middle December, representing a nearly two-month long delay. Consumer advocates are unconvinced by the social media giant’s slow response time.
To a certain extent, consumers have grown numb to data breaches—including photo breaches. Every new breach further erodes any trust those consumers still had. But people do still expect timely notice and delays can seem inherently suspicious.
A Challenging Year For Facebook
It’s true that Facebook’s latest photo breach is itself an alarming data point, but not altogether catastrophic. However, within the context of Facebook’s already bad year, this drop in the bucket reinforces already prevalent negative perceptions of the social media company.
Early in 2018, it was revealed that Facebook allowed a third party firm known as Cambridge Analytica to harvest the personal data of millions of Facebook users. Since that time, Facebook has been subject to increased scrutiny, both by lawmakers in the U.S, EU, and UK, and by the public at large.
And in light of that intense scrutiny, further scandals have become public. Facebook’s meek challenge to Russian trolls, the use of rumor and innuendo against frequent right-wing target George Soros, and a seeming contempt for user privacy have all undermined Facebook’s trusted brand image.
No Change in Sight
Most companies going through such turmoil might seek to make 2019 a year of renewal. And it’s possible that will happen for Facebook, but consumer advocates are unconvinced. There’s been little evidence that Mark Zuckerberg or anyone on Facebook’s board will face significant consequences for the social media company’s seemingly questionable ethics.
Yet, consumers are to a certain degree trapped. For businesses and individuals alike, Facebook offers certain important services that are incredibly difficult to walk away from. Even though several boycotts and campaigns have begun seeking to change Facebook’s behavior, there’s little evidence that those movements are having an impact on Facebook’s user numbers.
Watch for Notifications
On a smaller scale, Facebook says that it’s working to inform the possible 6.8 million users whose images may have been affected by this most recent Facebook photo breach. If you uploaded images between the dates September 13 and September 25, 2018, but never published those images, keep an eye on your email.
Facebook has, of course, moved to secure the initial bug that created the problem. Whether another Facebook photo breach—or bug of some kind—will follow is something that only time will tell.
What are your thoughts on the new Facebook Photo Breach? Comment below and let us know your thoughts. Want to keep them private? Shoot us an email to Outreach@