Facebook Admits Privacy Settings 'Bug' Affects 14 Million Users

Facebook last week acknowledged a software glitch that changed the settings of some 14 million users, potentially making some posts public even if they were intended to be private. 

The news marked the latest in a series of privacy embarrassments for the world's biggest social network, which has faced a firestorm over the hijacking of personal data on tens of millions of users and more recently for disclosures on data-sharing deals with smartphone makers. 

Erin Egan, Facebook's chief privacy officer, said in a statement that the company recently "found a bug that automatically suggested posting publicly when some people were creating their Facebook posts." 

Facebook said this affected users posting between May 18 and May 27 as it was implementing a new way to share some items such as photos. 

That left the default or suggested method of sharing as public instead of only for specific users or friends. 
Facebook said it corrected the problem on May 22 but was unable to change all the posts, so it is now notifying affected users.

"Starting today we are letting everyone affected know and asking them to review any posts they made during that time," Egan said. 

"To be clear, this bug did not impact anything people had posted before, and they could still choose their audience just as they always have. We'd like to apologise for this mistake." 

Facebook confirmed that China-based Huawei, which has been banned by the US military and is a lightning rod for cyber-espionage concerns, was among device makers authorised to see user data in agreements that had been in place for years. 
Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem. 

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the US market over national security concerns. 

The revelations come weeks after chief executive Mark Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 presidential campaign.

Security Week
