Skip to navigationSkip to content

Facebook bug exposed up to 6.8M users’ unposted photos to apps

By TechCrunch

Reset the “days since the last Facebook privacy scandal” counter, as a Facebook has just revealed a Photo API bug gave app developers too much access to the photos of up to 5.6 million users. The bRead full story

Comments

  • Also share to
  • These bugs are the product of a design methodology that optimizes the elimination of friction over the needs of users. We will continue to see security compromises and other failures until regulators force radical changes to the business model of FB and Google.

  • This to me shows the importance of government oversight on days privacy: “However, Facebook tells me it notified the IDPC that oversees GDPR on November 22nd, as soon as it established the bug was considered a reportable breach under GDPR guidelines.”

    Would Facebook have even made this public if GDPR didn’t exist?

  • This is precisely why the tech successes of tomorrow will be the ones that place privacy and the protection of personal information front and center. The internal incentives of today’s tech giants are simply not aligned with the incentives of users, since the exploitation of user information is the primary product — Read: Facebook and Google.

    In the meantime, for all the Apple naysayers today, no tech company prioritizes privacy with their products as much as them. So when making excuses for slowing

    This is precisely why the tech successes of tomorrow will be the ones that place privacy and the protection of personal information front and center. The internal incentives of today’s tech giants are simply not aligned with the incentives of users, since the exploitation of user information is the primary product — Read: Facebook and Google.

    In the meantime, for all the Apple naysayers today, no tech company prioritizes privacy with their products as much as them. So when making excuses for slowing iPhone growth, think about what phone you will buy next. And importantly at what price. It will likely be yet again another iPhone and likely at a higher price. Privacy protection is the best form of ecosystem lock-in for the next paradigm.

  • The only photos I have posted are those that I could care less, if they were part of the bug. The rest I have not given permission. Nor have I uploaded. For all their genius, they sir seem able to continuously shoot themselves, in the foot. I know people are concerned about privacy, but that may be a battle already lost. If you have a credit card, a mortgage, a car loan, or any other type of credit, there is a good chance the Equifax hack probably has exposed your information. If you work for the

    The only photos I have posted are those that I could care less, if they were part of the bug. The rest I have not given permission. Nor have I uploaded. For all their genius, they sir seem able to continuously shoot themselves, in the foot. I know people are concerned about privacy, but that may be a battle already lost. If you have a credit card, a mortgage, a car loan, or any other type of credit, there is a good chance the Equifax hack probably has exposed your information. If you work for the Federal Government, the Office of Personnel Management hack probably exposed your information. It’s going to force all of us to pay money to protect our identity and accounts...

  • Why do people still use Facebook? Privacy is still important, even if technology interferes with it regularly. There is absolutely no reason for Facebook to be holding onto photos users never even shared. Stories should be expired once they expire. I mean, yeah, that’s great that stuff people send on Messenger is safe, but what good is Facebook if there is no sense of security outside of that? This sucks.

  • This part is particularly suspicious to me: "Facebook discovered the bug on September 25th, the same day as its 30 million user breach". What a coincidence, not. This, combined with the huge dodging delay of reporting the breach (by a company that can easily afford to pay any related fines) only reaffirms my lack of faith in this social media company. By the time I finally pull the plug on my account, there may be nothing left in my account that hasn't already been compromised. I wonder if social

    This part is particularly suspicious to me: "Facebook discovered the bug on September 25th, the same day as its 30 million user breach". What a coincidence, not. This, combined with the huge dodging delay of reporting the breach (by a company that can easily afford to pay any related fines) only reaffirms my lack of faith in this social media company. By the time I finally pull the plug on my account, there may be nothing left in my account that hasn't already been compromised. I wonder if social media will even still be a thing 20 to 50 years from now...though those made rich by it won't even need to care anymore by then.

  • Massive #fail by @facebook. Shouldn’t this kind of thing outrage us? “The bug allowed apps users had approved to pull their timeline photos to also receive their Facebook Stories, Marketplace photos, and most worryingly, photos they’d uploaded to Facebook but never shared.”

    If Facebook were a local business, they would have to turn in their license. If they were a government party, there would be a vote of no confidence. What can we do?

  • This is bigger than all of us;

    You cannot lock the barn door after the horses are already have been let out!

    Facebook, and Google are handholding.

    These companies are linked with each other and the ultimate goal here has always been to conquer everything and become the giants of the World!

    The government uses Google and has now for some time, therefore google has already streamlined everything on information for the people in this country into its database.

    So I can honestly say that it’s probably

    This is bigger than all of us;

    You cannot lock the barn door after the horses are already have been let out!

    Facebook, and Google are handholding.

    These companies are linked with each other and the ultimate goal here has always been to conquer everything and become the giants of the World!

    The government uses Google and has now for some time, therefore google has already streamlined everything on information for the people in this country into its database.

    So I can honestly say that it’s probably too late to worry about a breach.

    They already have our information.

  • Facebook is a cruch for clinically insecure and lonely people. And we obviously have a epidemic on our hands. Why would any clear thinking person, who values their time and privacy, subject themselves to a known parasite that slowly feeds off its host?

  • Facebook continues to fail to protect or warn users of these situations. Whennoone is watching the store this is what u get.

  • This shows Zuckerbergs care for only himself and his money. This is a capitalist society though so who can blame him for fucking his consumers for a quick buck, right?

  • I wish I could make a career out of being unfathomably incompetent. Articles such as this are the new normal for Facebook, and it's astounding to me the number of people who are so still so incredibly attached to it. This company has demonstrated time and time again that it clearly does NOT have capability to store private data effectively.

    If your bank had a breach of your non-public information as frequently as Facebook, would you still use that institution? No. You wouldn't. Facebook may not

    I wish I could make a career out of being unfathomably incompetent. Articles such as this are the new normal for Facebook, and it's astounding to me the number of people who are so still so incredibly attached to it. This company has demonstrated time and time again that it clearly does NOT have capability to store private data effectively.

    If your bank had a breach of your non-public information as frequently as Facebook, would you still use that institution? No. You wouldn't. Facebook may not have your social security number, but they have enough of your information that if it got into the wrong hands there could be severe consequences.

    Your privacy is not worth giving up so that you can tell 357 people that you never truly talk to that you had a steak for dinner.

    Delete your Facebook.

  • Facebook’s trust fell down . many users aren’t using facebook now.

    facebook have to recovery thier trust ,or the users will be decreasing.

  • Again like people i dont think even care anymore seriously ?

  • Keeping your data safe!

Want more conversations like this?

Join the Quartz community for all the intelligence, without the noise.

App Store BadgeGoogle Play Badge
Leaderboard Screenshot

A community of leaders, subject matter experts, and curious minds bringing nuance back to how we talk about the news.

Editors' Picks Screenshot

No content overload: our editors will curate the most notable and discussion-worthy pieces for you every day.

Share Screenshot

Don’t just read the story, tell it: contribute your ideas and experience to the dialogue.