Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Facebook exposed 6.8 million users’ photos in newest privacy breach – are you affected?

Facebook has admitted yet another astonishing privacy breach, this time exposing the photos – including those that hadn’t been posted – of 6.8 million users to thousands of third-party apps.

The under-fire social network says a bug in its Photo API gave 1,500 apps access to those photos during a two-week period between September 13 and September 26 this year.

The company says the bug affected people who used Facebook Login and granted permission to third-party applications to access their photos. However, the bug gave these developers (some 876 in total) broader access than usual to the photographs.

The company explained that, when users grant third-party apps access to their photos, it usually only pertains to those already shared on a timeline. However, this bug offered access to photos posted on Facebook Stories or Marketplace. Not only that, they also had access to photos uploaded to the app, but not yet posted.

Related: How to delete your Facebook account

If you’re wondering how that’s possible, Facebook explains “we store a copy of that photo for three days so the person has it when they come back to the app to complete their post.”

Now the company is back to the all-too-familiar process of notifying users who’ve been affected by the lack of reverence for their privacy. Again, it is notifying those users via an alert on Facebook.

Facebook photos breach

“We’re sorry this happened,” Facebook’s engineering director Tomer Bar wrote in the blog post.

“Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.

“We are also recommending people log into any apps with which they have shared their Facebook photos to check which photos they have access to.”

The issue has arisen at the end of an horrendous year for Facebook, not just in terms of protecting the data of its users, but in potentially undermining democracy and hastening the spread of fake news. The company is facing calls for greater regulation of its platform from governments around the world, while there are also calls for the company to be broken up.

Have you received a notification from Facebook informing you your photos had been compromised? Let us know @TrustedReviews on Twitter.

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.

Trusted Reviews Logo

Sign up to our newsletter

Get the best of Trusted Reviews delivered right to your inbox.

This is a test error message with some extra words