Approximately 100 developers connected to Facebook via APIs improperly accessed user data. The news was confirmed by Facebook in a recent blog post.
For the uninitiated, an API is a set of functions that allow applications to use data from their respective platforms. In this case, the platform is Facebook.
In the blog post, the company has only disclosed that developers were able to access profile pictures and names of the users. Information on other data accessed remains undisclosed. Moreover, the social media giant has not confirmed the number of users affected by this either.
Facebook is supposedly reaching out to the developers who may have had improper access to user data. The social media giant, in a statement, said:
Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained, and we will conduct audits to confirm that it has been deleted.
In early 2018, due to the Cambridge Analytica scandal, Facebook restricted its developer APIs to limit the ways developers can access and save large amounts of user data. Despite the restrictions and certain changes, developers can still inappropriately access user data.
After the scandal, the Federal Trade Commission fined Facebook for $5 billion and the Company was given instructions on how to handle privacy leaks.
It is very disappointing that, despite so many leaks and consequences, Facebook is still not able to handle its data and data privacy.
Facebook, in its efforts to reassure their users, said:
As we work through this process, we expect to find examples like the Groups API of where we can improve; rest assured we are committed to this work and supporting the people on our platform.