NEW YORK (CBSNewYork/AP) – Facebook said Friday that a security glitch may have let third-party apps access the private photos of as many as 6.8 million users, the latest example of the social-media company failing to protect people’s online content.
The incident, which took place during a 12-day period in September, included images never fully uploaded to the platform and those not publicly posted, Facebook said. The company said it detected the bug and fixed it on Sept. 25.
It’s not yet known whether anyone actually saw the photos, but the revelation of the now-fixed problem served as another reminder of just how much data Facebook has on its 2.27 billion users.
The security lapses come as Facebook works to repair the damage to its reputation from missteps that include the Cambridge Analytica data privacy scandal and failing to stop Russian use of the site to meddle in the 2016 U.S. presidential election. Hackers also accessed data belonging to tens of millions of users, the company revealed in September.
Facebook apologized for the incident in a post written by one of its engineering directors, Tomer Bar, who added the company was working to address the problem.
Facebook said the users’ photos may have been exposed for 12 days in September. The company said the bug has been fixed.
The company declined to say how many of the affected users are from Europe, where stricter privacy laws took effect in May and could subject companies to fines. Facebook said it has notified the Irish Data Protection Commission of the breach.
(© Copyright 2018 CBS Broadcasting Inc. All Rights Reserved. The Associated Press contributed to this report.)