Facebook Admits Privacy Settings 'Bug' Affects 14 Million Users

Uploaded on 2018-06-12 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, FREE TO VIEW

Facebook last week acknowledged a software glitch that changed the settings of some 14 million users, potentially making some posts public even if they were intended to be private. 

The news marked the latest in a series of privacy embarrassments for the world's biggest social network, which has faced a firestorm over the hijacking of personal data on tens of millions of users and more recently for disclosures on data-sharing deals with smartphone makers. 

Erin Egan, Facebook's chief privacy officer, said in a statement that the company recently "found a bug that automatically suggested posting publicly when some people were creating their Facebook posts." 

Facebook said this affected users posting between May 18 and May 27 as it was implementing a new way to share some items such as photos. 

That left the default or suggested method of sharing as public instead of only for specific users or friends. 
Facebook said it corrected the problem on May 22 but was unable to change all the posts, so is now notifying affected users. 

"Starting today we are letting everyone affected know and asking them to review any posts they made during that time," Egan said. 

"To be clear, this bug did not impact anything people had posted before, and they could still choose their audience just as they always have. We'd like to apologise for this mistake." 

Facebook confirmed that China-based Huawei, which has been banned by the US military and is a lightning rod for cyber-espionage concerns, was among device makers authorised to see user data in agreements that had been in place for years. 
Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem. 

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the US market over national security concerns. 

The revelations come weeks after chief executive Mark Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 presidential campaign.

Security Week

You Might Also Read: 

Backlash: Facebook's Data-Sharing With Chinese Firms:

Facebook Collects Your Data Even If You Don’t Use Facebook:

It’s Time to Make Our Privacy Tools Easier to Find:
 

« Cyber Thesaurus - Vocabulary Pt.1
F-35 Is The Most Thoroughly Tested Cyber Weapon »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

CircleCI

CircleCI

CircleCI’s platform allows developers to rapidly release code (for web and mobile apps) they trust by automating the build, test, and deploy process.

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

SRI International

SRI International

SRI International is a research institute performing client-sponsored R&D in a broad range of study areas including computing and cybersecurity.

Security Onion Solutions

Security Onion Solutions

Security Onion Solutions is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

Axiado

Axiado

Axiado Corporation is a security processor company redefining hardware root of trust with hardware-based security technologies, including per-system AI.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

KCS Group Europe

KCS Group Europe

KCS Group helps its clients to identify and deal with any risks, weaknesses and threats which could impact on the business financially or reputationally.

Infinavate

Infinavate

Infinavate Fort CyberVault offers end-to-end services that comprehensively responds to the organization’s information security and privacy needs.

Cyber Explorers

Cyber Explorers

Cyber Explorers is a fun, free and interactive learning platform for future digital superstars. An exciting addition to UK curriculum delivery or after school activities.

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.

SITS Group

SITS Group

SITS Group excel in delivering a comprehensive range of Cyber Security consulting and managed services, from cloud transformation to risk management.