#facebook photo bug

Facebook recently announced that they have discovered a photo API bug that may have exposed a broad set of user photos to third-party apps for 12 days between September 13 to September 25, 2018. Facebook explains that when someone gives permission for an app to access their photos on Facebook, they usually only grant the app access to photos people share on their timeline. The bug, however, potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories, and also affected photos uploaded to Facebook but chose not to post. Facebook stores a copy of that photo for three days so the person has it when they come back to the app to complete their post. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos. As usual, Facebook is sorry and will rollout tools for app developers that will allow them to determine which people using their app might be impacted by this bug. Facebook will also work with those developers to delete the photos from impacted users. Read more in our articles including "Facebook bug exposes user photos to third-party apps" and "Google Wallet adds Package Tracking via Gmail Receipts".