This not only included the photos that the users have uploaded on their timelines, but, the ones they have uploaded elsewhere

Facebook announced last Friday that the social network had mistakenly exposed private photos of millions of users without their permission.

According to reports, a bug on facebook allowed third-party app developers to access photos of 6.8 million users, who may not have shared their photos publicly.

This not only included the photos that the users have uploaded on their timelines, but, the ones they have uploaded elsewhere, like the Facebook Marketplace or even the ones that they uploaded to share, but not made live after changing their minds.

When did this happen?
Facebook discovered that its users photos were exposed over a 12-day period in September 2018.  After finding out about the bug, Facebook has been investigating the issue to understand its impact to ensure that they have contacted the right developers and the people affected by this bug.

Ankush Johar, director at Infosec Ventures, said: "Humans are the weakest link in cyber security, and privacy is an urban legend today. This has been proven time after time. The security of a user's data lies in their own control and the only way to be secure is to be vigilant and suspicious by nature.

"Be your own HumanFirewall! Users are suggested not to provide any permission to 'silly' Facebook Apps that provide no utility and immediately take corrective action by retracting permission from needless apps. This can be done via the 'security and privacy settings' on the Facebook App or Website.

"In this specific instance, only those users may have been affected who gave access to third party facebook apps that had access to their photos, but as seen in past facebook hacks, hackers are easily able to develop fake apps like “Quiz Apps” and “What Celebrity You Look Like Apps” for example, that appear to need genuine reasons to access photos, friend lists etc., but, in the background they steal information of users."