Continuing the new normal of fixing things after major security breaches, Facebook has once again made it into the news. This time, Facebook has revealed a serious privacy breach, following which the company announced changes in the Groups API.
Recently, Facebook disclosed another privacy breach. According to the blog post by Konstantinos Papamiltiadis, Director of Developer Platforms and Programs at Facebook, the firm has noticed some developers retaining personal information of users ‘longer than intended’.
Specifically, the incident happened due to the behavior of Groups API that allowed group admins to share data with developers. While this was not the case before 2018, it did give explicit access to the developers after 2018. According to Facebook,
Consequently, they suspect around 100 such developers to have retained the data. Out of 100, Facebook confirmed at least 11 developers to have accessed the data they should not have.
As elaborated, these mainly include video streaming and social media management apps.
According to the blog post, Facebook has removed the access of the developers whom they found storing users’ data. Moreover, they have also pledged to make sure that the developers delete all the data they have collected.
In addition Facebook has reinstated its stance to comply with its agreement with FTC to ensure ‘more accountability and transparency’.