As many as 100 software developers had improper access to Facebook users’ data, including their names and profile pictures, the social networking giant revealed on Tuesday. The developers had access to Groups information through a privilege that was phased out last year, the social network said.
Facebook said it discovered that many developers still had access to data about users in groups, despite changes the company made in April 2018 to cut off this access, Facebook said in a blog post. Facebook said it knew of at least 11 developer partners that had accessed the data in the past 60 days and has contacted about 100 developers who may have had access to the data.
Facebook said it’s removed the developers’ access to the data.
“Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained and we will conduct audits to confirm that it has been deleted,” Konstantinos Papamiltiadis, Facebook’s director of developer platforms and programs, wrote in the blog.
The revelation underscores how data privacy issues continue to plague the world’s largest social network. In March 2018, revelations surfaced that UK political consultancyharvested the data of up to 87 million Facebook users without their permission.
The scandal raised concerns about whether the world’s largest social network was doing enough to protect user data and sparked scrutiny from lawmakers and regulators. Facebook said in September itfor various reasons as part of an investigation into developers who had access to user data it launched last year.
Facebook, which has about 2.4 billion users worldwide, didn’t immediately respond to a request for information about how many users may have had their information exposed.