Facebook Mistakenly Leaked User Info To Developers
Facebook has revealed that it unknowingly gave outside developers access to some private user information.
The social media giant explained that since April 2018, it has removed or restricted a number of its developer application programming interfaces (APIs), including the Groups API, so that an app can only access personal information such as a user’s name and profile picture in connection with group activity if members opt-in. Yet for the past 18 months, some third-party developers who used the company’s Groups API were still able to see that extra information.
“We recently found that some apps retained access to group member information, like names and profile pictures in connection with group activity, from the Groups API, for longer than we intended. We have since removed their access. Today we are also reaching out to roughly 100 partners who may have accessed this information since we announced restrictions to the Groups API, although it’s likely that the number that actually did is smaller and decreased over time,” wrote Konstantinos Papamiltiadis, Facebook’s director of platform partnerships.