In early December, Facebook’s developer team declared the discovery of a security bug that gave developers access to photos users hadn’t shared on their timeline, including photos they had posted in Facebook Marketplace or Stories.
More worryingly, apps could find access to images users might have uploaded to Facebook but didn’t post anywhere. For example, this could be pictures you uploaded to a profile update you abandoned and did not complete. These are pictures that users haven’t shared with anyone.

The link for this article located at The Next Web is no longer available.