Facebook Admits Privacy Settings 'Bug' Affects 14 Million Users

Uploaded on 2018-06-12 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, FREE TO VIEW

Facebook last week acknowledged a software glitch that changed the settings of some 14 million users, potentially making some posts public even if they were intended to be private. 

The news marked the latest in a series of privacy embarrassments for the world's biggest social network, which has faced a firestorm over the hijacking of personal data on tens of millions of users and more recently for disclosures on data-sharing deals with smartphone makers. 

Erin Egan, Facebook's chief privacy officer, said in a statement that the company recently "found a bug that automatically suggested posting publicly when some people were creating their Facebook posts." 

Facebook said this affected users posting between May 18 and May 27 as it was implementing a new way to share some items such as photos. 

That left the default or suggested method of sharing as public instead of only for specific users or friends. 
Facebook said it corrected the problem on May 22 but was unable to change all the posts, so is now notifying affected users. 

"Starting today we are letting everyone affected know and asking them to review any posts they made during that time," Egan said. 

"To be clear, this bug did not impact anything people had posted before, and they could still choose their audience just as they always have. We'd like to apologise for this mistake." 

Facebook confirmed that China-based Huawei, which has been banned by the US military and is a lightning rod for cyber-espionage concerns, was among device makers authorised to see user data in agreements that had been in place for years. 
Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem. 

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the US market over national security concerns. 

The revelations come weeks after chief executive Mark Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 presidential campaign.

Security Week

You Might Also Read: 

Backlash: Facebook's Data-Sharing With Chinese Firms:

Facebook Collects Your Data Even If You Don’t Use Facebook:

It’s Time to Make Our Privacy Tools Easier to Find:
 

« Cyber Thesaurus - Vocabulary Pt.1
F-35 Is The Most Thoroughly Tested Cyber Weapon »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

Inogesis

Inogesis

Inogesis helps blue-chip organisations harness disruptive technologies and thinking to drive new revenues or overcome challenges by connecting them with dynamic small companies.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

XPO IT Services

XPO IT Services

XPO IT Services are dedicated to providing secure, high quality IT recycling and asset disposal services.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF) of Armenia is one of the largest technology business incubators and IT development agencies in the region.

Cyber Intelligence 4U

Cyber Intelligence 4U

Cyber Intelligence 4U is an educational services company that provides two levels of cybersecurity training programs: executive and technical.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

LayerX Security

LayerX Security

LayerX's user-first browser security platform turns any browser into the most protected & manageable workspace, by providing real-time monitoring and governance over users’ activities on the web.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.