Facebook Admits Privacy Settings 'Bug' Affects 14 Million Users

Facebook last week acknowledged a software glitch that changed the settings of some 14 million users, potentially making some posts public even if they were intended to be private. 

The news marked the latest in a series of privacy embarrassments for the world's biggest social network, which has faced a firestorm over the hijacking of personal data on tens of millions of users and more recently for disclosures on data-sharing deals with smartphone makers. 

Erin Egan, Facebook's chief privacy officer, said in a statement that the company recently "found a bug that automatically suggested posting publicly when some people were creating their Facebook posts." 

Facebook said this affected users posting between May 18 and May 27 as it was implementing a new way to share some items such as photos. 

That left the default or suggested method of sharing as public instead of only for specific users or friends. 
Facebook said it corrected the problem on May 22 but was unable to change all the posts, so is now notifying affected users. 

"Starting today we are letting everyone affected know and asking them to review any posts they made during that time," Egan said. 

"To be clear, this bug did not impact anything people had posted before, and they could still choose their audience just as they always have. We'd like to apologise for this mistake." 

Facebook confirmed that China-based Huawei, which has been banned by the US military and is a lightning rod for cyber-espionage concerns, was among device makers authorised to see user data in agreements that had been in place for years. 
Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem. 

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the US market over national security concerns. 

The revelations come weeks after chief executive Mark Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 presidential campaign.

Security Week

You Might Also Read: 

Backlash: Facebook's Data-Sharing With Chinese Firms:

Facebook Collects Your Data Even If You Don’t Use Facebook:

It’s Time to Make Our Privacy Tools Easier to Find:
 

« Cyber Thesaurus - Vocabulary Pt.1
F-35 Is The Most Thoroughly Tested Cyber Weapon »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Alyne

Alyne

Alyne is a Munich based 2B RegTech offering organisations risk insight capabilities through a Software as a Service.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Phosphorus Cybersecurity

Phosphorus Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Startup Wise Guys

Startup Wise Guys

Startup Wise Guys is a mentorship-driven accelerator program for early stage B2B SaaS, Fintech, Cybersecurity & Defense AI startups.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.