Facebook bug affected up to 14 million accounts


Sat, Jun 09, 2018 - Page 10

Facebook Inc said a software bug led some users to post publicly by default regardless of their previous settings.

The bug affected as many as 14 million users over several days last month.

The problem, which Facebook said it has fixed, is the latest privacy scandal for the world’s largest social media company.

It said the bug automatically suggested that users make new posts public, even if they had previously restricted posts to “friends only” or another private setting.

If users did not notice the new default suggestion, they unwittingly sent their post to a broader audience than they had intended.

Facebook chief privacy officer Erin Egan said the bug did not affect past posts.

Facebook is notifying users who were affected and posted publicly during the time the bug was active, advising them to review their posts.

The news follows a furor over Facebook’s sharing of user data with device makers, including China’s Huawei Technologies Co (華為).

The company is also still recovering from the Cambridge Analytica scandal, in which a data-mining firm affiliated with US President Donald Trump got access to the personal data of as many as 87 million Facebook users.

Facebook, which has 2.2 billion users, says the bug was active from May 18 until May 27.

While the company says it fixed the error on May 22, it was not able to change all the posts back to their original privacy parameters until later.

The mistake happened when the company built a new way for people to share “featured items” on their profiles.

These items, which include posts and albums of photographs, are automatically public.

In the process of creating the feature, Facebook said it accidentally made the suggested audience for all new posts public.

When people post to Facebook, the service suggests a default distribution for their posts based on past privacy settings.

If someone made all posts “friends only” in the past, it would set their next post to “friends only” as well.

People can still manually change the privacy level of the posts — anywhere from “public” to “only me” — and this was the case while the bug was active as well.