Close on the heels of Google’s second data leak from its social media platform Google+, Facebook reported a breach in its system due to a bug which may have exposed pictures of nearly 6.8 million users across the world for over 12 days between September 13 and 25, via third-party applications.
In an official blog post, Tomer Bar, Facebook engineering director, has stated that the issue has been fixed. However, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories.
The special arrangements are detailed in hundreds of pages of Facebook documents leaked late last week. The records, generated in 2017 by the company’s internal system for tracking partnerships, provide the most complete picture yet of the social network’s data-sharing practices. Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages.
In addition, the social network permitted Amazon to obtain users’ names and contact information through their friends, and let Yahoo view streams of friends’ posts, despite public statements that it had stopped that type of sharing years earlier.
Apologizing for the breach, Bar informed that it will be rolling out tools for app developers early next week, which will allow them to determine if people using their app have been impacted by this bug. Facebook will be working with those developers to delete the leaked photos.
The year of 2018 has been tough for the company right from the start when it reported the Facebook-Cambridge Analytica data breach in April, in which an estimated 87 million users were affected. Again in September, the company reported a security breach affecting 50 million accounts across the globe. However, in October, it clarified that 30 million users were actually affected by a software bug which affected the “View As” feature that allows users to see how their own profile looks to other people.
Not only Facebook, but other international companies have also recorded major data breaches this year. Search company Google has also reported a data leak potentially affecting 500,000 users in October via its social platform Google+. The company is now set to stop operations of Google+ by August 2019 as it witnessed a second breach affecting nearly 53 million users across the world.
Earlier this month, US-based question and answer platform Quora also reported a data breach, which affected personal data of almost 100 million users due to a “malicious” third party which got unauthorized access to one of the company’s systems.