Facebook today at the Developer News confirmed that the Developers Ecosystem saying they have discovered a Photo API Bug which photos of Facebook users Developers have got access to even when the users never intended to post them publicly.
When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. Facebook said
Facebook also said that it has discovered 6.8 million users who have been affected by the bug and 1500 Apps which are built by 876 different developers at a glance. In my own view, chances are, this is just an estimate and still counting.
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos”. They said!
The team also say they are sorry for what had happened. And that, early next week they will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. After this deliberation, they also confirmed that they will be working with those developers to delete the photos from impacted users.
We will also notify the people potentially impacted by this bug via an alert on Facebook. The notification will direct them to a Help Center link where they’ll be able to see if they’ve used any apps that were affected by the bug. (See an example of user notification below)
Source: Facebook Developers News