Facebook Admits Privacy Settings 'Bug' Affects 14 Million Users

Facebook last week acknowledged a software glitch that changed the settings of some 14 million users, potentially making some posts public even if they were

intended to be private. 

The news marked the latest in a series of privacy embarrassments for the world's biggest social network, which has faced a firestorm over the hijacking of personal data on tens of millions of users and more recently for disclosures on data-sharing deals with smartphone makers. 

Erin Egan, Facebook's chief privacy officer, said in a statement that the company recently "found a bug that automatically suggested posting publicly when some people were creating their Facebook posts." 

Facebook said this affected users posting between May 18 and May 27 as it was implementing a new way to share some items such as photos. 

That left the default or suggested method of sharing as public instead of only for specific users or friends. 
Facebook said it corrected the problem on May 22 but was unable to change all the posts, so is now notifying affected users. 

"Starting today we are letting everyone affected know and asking them to review any posts they made during that time," Egan said. 

"To be clear, this bug did not impact anything people had posted before, and they could still choose their audience just as they always have. We'd like to apologise for this mistake." 

Facebook confirmed that China-based Huawei, which has been banned by the US military and is a lightning rod for cyber-espionage concerns, was among device makers authorised to see user data in agreements that had been in place for years. 
Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem. 

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the US market over national security concerns. 

The revelations come weeks after chief executive Mark Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 presidential campaign.

Security Week

You Might Also Read: 

Backlash: Facebook's Data-Sharing With Chinese Firms:

Facebook Collects Your Data Even If You Don’t Use Facebook:

It’s Time to Make Our Privacy Tools Easier to Find:
 

« Cyber Thesaurus - Vocabulary Pt.1
F-35 Is The Most Thoroughly Tested Cyber Weapon »

Directory of Suppliers

Sealpath

Sealpath

Sealpath helps you keep the ownership of your documents wherever they are and go further than file encryption

Microsemi Corporation

Microsemi Corporation

Microsemi's portfolio of semiconductor and system solutions includes data protection and security for the data center.

HANDD Business Solutions

HANDD Business Solutions

HANDD are an independent data security & file transfer experts, having delivered more than 400 enterprise Managed File Transfer, Data Loss Prevention

Metropolitan Police FALCON Team

Metropolitan Police FALCON Team

FALCON is the Metropolitan Police response to Fraud and Linked Crime Online. It includes the Met's Cyber Crime Unit.

EC-Council

EC-Council

EC-Council, is the world’s largest cyber security technical certification body.

Cryptus Cyber Security

Cryptus Cyber Security

Cryptus Cyber Security is an Information Security Training company providing advanced training and services to IT Professionals.

Ziften

Ziften

Ziften provides infrastructure visibility and coordinated threat detection, prevention, and response across all endpoint devices and cloud environments.

eco

eco

eco, with more than 950 member organizations, is the largest Internet industry association in Europe.

KELA Group

KELA Group

KELA's Radark threat intelligence console automatically tracks Darknet threats, giving immediate notification of compromised company information.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

Leidos Cyber

Leidos Cyber

Leidos Cyber Inc. is a leading provider of cyber security products and services.

Sogeti

Sogeti

Sogeti is one of the leaders in technology and engineering services with areas of expertise including Digital Transformation and Cybersecurity.

KeyW

KeyW

KeyW is a pure-play national security solutions provider for the Intelligence, Cyber and Counterterrorism Communities'​ toughest challenges.

Suprema

Suprema

Suprema is a global leader in biometrics and security technology.

Immersive Labs

Immersive Labs

Immersive Labs have created a kinesthetic learning platform which identifies gaps in your teams cyber skills.