In more news showcasing security vulnerability at social media giant Facebook, the network announced that it has discovered a bug within its photo application program interface that allowed app developers that users signed up to use to see photos that users decided not to share with anyone on the service.
In a news release posted on its developer-focused blog, Facebook Engineering Director Tomer Bar detailed that this photo API bug enabled these third party developers to have access to private photos in a 12-day window from September 13, 2018 to September 25, 2018.
Users potentially impacted by this bug will be informed via an alert within Facebook that links them directly to this Facebook Help Center article with further details. Additionally, Facebook will be working with third party app developers to delete the photos from users impacted by this bug.
This is the latest in a series of showcases in Facebook's negligence towards ensuring the full privacy of its users. In an extra dose of coincidence, this API bug was discovered on September 25th, the same day that Facebook discovered the data breach that impacted more than 50 million users.