Facebook says a software flaw may have exposed private photos of nearly 7 million users, the latest in a series of privacy issues facing the social media company.
Facebook said Friday that the photo glitch gave about 1,500 software apps unauthorized access to private photos for 12 days in September.
“We’re sorry this happened,” Facebook said in a blog. It said it would notify users whose photos might have been affected.
Irish regulator to investigate
The software flaw affected users who gave third-party applications permission to access their photos. Facebook usually allows the apps to access only photos shared on a user’s timeline. However, the glitch would have allowed the apps to see additional photos, including those on Marketplace and Facebook Stories, as well as ones uploaded but not shared.
It is not known whether any of the photos were actually accessed.
The lead regulator of Facebook in the European Union, the Irish Data Protection Commissioner (DPC), said it was investigating the situation to determine whether the company complied with strict new EU privacy rules.
While Facebook says the bug has been fixed, the revelation brought new scrutiny to a company that has faced a series of security and privacy breaches.
Earlier this year, Facebook acknowledged that a political consultancy firm, Cambridge Analytica, gained access to the personal data from millions of user profiles.
In September, the company said it discovered a security breach affecting about 50 million user accounts that could have allowed hackers to access the accounts. The company said hackers exploited the “View As” feature, which lets users see how their own profiles would look to other people.
Facebook has also come under criticism for fake political ads posted on its site from Russia and other countries.
The company has more than 2 billion users worldwide.