Facebook announced on Friday (14) that a bug in the social network exposed unpublished photos of about 6.8 million users. The error affects people who allowed third-party applications to access their media on the platform. Some of these applications have obtained, due to vulnerability, a wider-than-expected permission to view photos for 12 days, between September 12 and 25.
READ: Talking about sex can ban you from Facebook; see polemics
According to the company's official statement, the bug may have affected up to 1,500 applications from 876 different developers. Facebook also warns that the leak has already been resolved, and affected users will be notified by the platform. It is possible to manually verify that your account was a victim of the vulnerability through a Facebook help page.
Facebook: tips to prevent onlookers from looking at your information
Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo
The bug occurred in the Facebook photos API. When users allow their photos to third-party apps, the software usually only has access to images shared in their profile on the timeline. However, the error meant that developers could view other photos of users from Facebook, Marketplace and Stories, which had not been properly shared on the social network.
There were exposed, for example, media that were uploaded to the social network, but that the person decided to post them after all. The leak also includes photos that users have uploaded to the platform, but that, for some reason (such as failure of the Internet connection), the publication was not completed and, therefore, the image was not posted on Facebook.
Example of notification that Facebook will display affected users Photo: Divulgao / Facebook
So far, the company estimates that 1,500 external applications, from 876 different developers, were allowed to access the private photos of users of the social network. Facebook stated that the bug has already been fixed, and notify people who have had their images exposed. In addition, it is possible to check manually at facebook.com/help/200632800873098?ref=photonotice&locale=pt_BR if your account was affected by the leak. To do this, simply log in to Facebook when accessing the site.
Facebook page warns if bug affected user Photo: Reproduo / TechTudo
The social network advises users to check which profile data third-party apps have access to, and to individually configure the information that is available to them. It is worth remembering that this is not the first Facebook leak this year: the Cambridge Analytica scandal was exposed in April, when a personality test obtained abusive access to social network account data. In August, the platform discovered a vulnerability that reached 50 million users.