06 Nov 2019
Dozens of apps may have accessed your Facebook data (again!)
In another shocking revelation, Facebook has revealed that dozens of third-party apps and developers may have accessed your data without permission.
The social network had put restrictions on certain groups-related information, but even after that, these developers retained access to user data for a period of several months.
Here's all you need to know about it.
Facebook restricted apps' access to group data
Facebook has long been providing Group administrators an option to manage their groups via third-party tools/apps.
The capability ensures easy management, but until last year, it also provided these apps information about connected groups and their members.
In the wake of Cambridge Analytica debacle in 2018, Facebook stopped this practice by putting restrictions to keep the developers from seeing group member information.
But, turns out, some developers still had this access
Now, after conducting a security review, the social network's head of partnerships, Konstantinos Papamiltiadis, has revealed that some 100 apps were left with this access, even when the restrictions were imposed.
This means they had the access to certain group information, like names and profile pictures of the members and other unspecified profile data, for longer than Facebook had intended.
11 developers accessed this information in last 60 days
Facebook said some 11 of these 100 developers were confirmed to have accessed the information in question within the last 60 days.
However, the company emphasized that there's no evidence of abuse and the access has been revoked for all the apps/developers.
It has also asked the parties to delete the information they may have and will conduct audits to ensure the same.
Still, no word on exact number of affected users
While Facebook has acknowledged the leak and taken appropriate damage control steps by revoking the developers' access, there's no word on the number of Facebook users who may have been affected by this issue.
This adds another case into the string of data leaks the company had in the last two years, including the Cambridge Analytica scandal and September 2018 data breach.