Uh oh – Facebook has been caught yet other data scandal. The company has admitted that it mistakenly provided some 5,000 developers with unauthorized access to user profiles due to a bug in the platform.
The leak breaks Facebook’s own rules on access to personal information. Since 2018, the platform has automatically blocked developers from getting people’s data if they haven’t interacted with the app in the past 90 days. Once the time limit expires, developers must again ask users for permission to access their data. But in this case, the locking system failed.
“We found that in some cases applications continued to receive data that people had previously authorized, even if it appeared that they had not used the application in the past 90 days,” said Konstantinos Papamiltiadis, vice president of Facebook platform associations.
“For example, this could happen if someone were to use a fitness app to invite their friends from their hometown for a workout, but we did not recognize that some of their friends had been inactive for many months.”
Papamiltiadis said Facebook corrected the error the same day it was found, but did not reveal how many users had been affected.
[Read: Facebook’s using AI to find scammers and imposters on Messenger]
The nature of the breach is particularly bad news for Facebook, as third-party access to data was also at the center of the Cambridge Analytica scandal.
The incident was what prompted Facebook to introduce its 90-day blocking rule. But the new leak shows that the system clearly still needs a lot of work.
Posted on Jul 2, 2020 – 17:21 UTC
